Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-44649
PUBLISHED
More InfoOfficial Page
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
View Known Exploited Vulnerability (KEV) details
Published At-29 May, 2026 | 17:45
Updated At-29 May, 2026 | 17:45
Rejected At-
▼CVE Numbering Authority (CNA)
SillyTavern: Authentication Bypass via SSO Header Injection

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, SillyTavern accepts Remote-User (Authelia) and X-Authentik-Username (Authentik) HTTP headers to automatically log in users when SSO is configured. There is no validation that these headers originate from a trusted reverse proxy. Any network client that can reach the SillyTavern port directly can inject these headers and authenticate as any user, including administrators, without a password. This vulnerability is exploitable only when sso.autheliaAuth: true or sso.authentikAuth: true is set in config.yaml (both default to false). This vulnerability is fixed in 1.18.0.

Affected Products
Vendor
SillyTavern
Product
SillyTavern
Versions
Affected
  • < 1.18.0
Problem Types
TypeCWE IDDescription
CWECWE-290CWE-290: Authentication Bypass by Spoofing
CWECWE-306CWE-306: Missing Authentication for Critical Function
CWECWE-346CWE-346: Origin Validation Error
CWECWE-807CWE-807: Reliance on Untrusted Inputs in a Security Decision
Type: CWE
CWE ID: CWE-290
Description: CWE-290: Authentication Bypass by Spoofing
Type: CWE
CWE ID: CWE-306
Description: CWE-306: Missing Authentication for Critical Function
Type: CWE
CWE ID: CWE-346
Description: CWE-346: Origin Validation Error
Type: CWE
CWE ID: CWE-807
Description: CWE-807: Reliance on Untrusted Inputs in a Security Decision
Metrics
VersionBase scoreBase severityVector
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/SillyTavern/SillyTavern/security/advisories/GHSA-gxx6-h3g6-vwjh
x_refsource_CONFIRM
Hyperlink: https://github.com/SillyTavern/SillyTavern/security/advisories/GHSA-gxx6-h3g6-vwjh
Resource:
x_refsource_CONFIRM
Details not found