CVE-2026-44649 -- CVSS 9.8 Vulnerability Briefing

CVE-2026-44649 | CVSS 9.8 (Critical) | Exploit: No known exploit

What Is It

CVE-2026-44649 is a critical-severity vulnerability in SillyTavern, a locally installed web-based user interface for interacting with large language models, image generation engines, and text-to-speech systems. It affects versions prior to 1.18.0.

Technical Detail

The full technical description of the flaw has not been publicly disclosed in available CVE data at this time, though the vulnerability carries a CVSS score of 9.8, indicating a near-maximum severity rating consistent with unauthenticated remote code execution or a similarly critical impact class. Given SillyTavern's architecture as a locally hosted server interface, the attack surface likely involves its HTTP API or request handling logic, which could be reachable by a network-adjacent or remote attacker depending on how the instance is exposed. Specific exploitation mechanics, affected components, and confirmed impact have not yet been fully detailed in public advisories.

Exploitation Status

No known exploit exists for this vulnerability at this time. It is not listed in CISA's Known Exploited Vulnerabilities catalog, and exploit maturity is assessed as none. There is no public proof-of-concept code or evidence of active exploitation in the wild as of June 05, 2026.

Who Is Targeting This

No confirmed threat actor attribution has been established for this vulnerability. Reported (research-inferred): COPYKITTENS, EVILNUM, LOTUSBLOSSOM, SEATURTLE, and WINDSHIFT have been associated with this CVE at medium confidence, though motivations are unknown for each. These associations are research-inferred and have not been independently verified through operational intelligence. Attribution should be treated as preliminary and not used as a basis for threat modeling without additional corroboration.

What To Do

Users and administrators running SillyTavern should upgrade to version 1.18.0 or later immediately, as this release contains the fix for the reported vulnerability. Given the critical CVSS score of 9.8, patching should be treated as high priority regardless of current exploitation status. As a general hardening measure, SillyTavern instances should not be exposed to untrusted networks or the public internet; access should be restricted to localhost or protected behind authentication controls and network-level access restrictions. Monitor the official SillyTavern GitHub repository and security advisories for additional technical detail as it becomes available.
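The two checks above (fixed version, no unprotected network exposure) can be scripted per install. The following is an added example, not code from SillyTavern or from this briefing. It assumes the install root holds a package.json with a "version" field and a config.yaml with top-level boolean keys listen, whitelistMode and basicAuthMode; confirm those key names against the instance's own config.yaml.

```python
import json
import re
from pathlib import Path

FIXED = (1, 18, 0)  # first fixed release, per the briefing

def parse_version(text):
    """Return the leading MAJOR.MINOR.PATCH as a tuple; any suffix is ignored."""
    m = re.match(r"\s*v?(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(g) for g in m.groups())

def top_level_bools(yaml_text):
    """Collect top-level `key: true|false` lines (no YAML library needed)."""
    out = {}
    for line in yaml_text.splitlines():
        m = re.match(r"^([A-Za-z]\w*):\s*(true|false)\s*(#.*)?$", line)
        if m:
            out[m.group(1)] = m.group(2) == "true"
    return out

def audit(package_json_text, config_yaml_text):
    """Return a list of findings; an empty list means both checks passed."""
    findings = []
    version = parse_version(json.loads(package_json_text)["version"])
    if version < FIXED:
        findings.append("version %d.%d.%d is older than 1.18.0: upgrade" % version)
    cfg = top_level_bools(config_yaml_text)
    # Assumed key semantics: listen=true accepts non-localhost connections.
    if cfg.get("listen", False):
        if not cfg.get("whitelistMode", False) and not cfg.get("basicAuthMode", False):
            findings.append("listening beyond localhost with no whitelist or basic auth")
        else:
            findings.append("listening beyond localhost: confirm network-level restrictions")
    return findings

def audit_install(root):
    """Audit an install directory (assumed layout: package.json and config.yaml at root)."""
    root = Path(root)
    return audit((root / "package.json").read_text(encoding="utf-8"),
                 (root / "config.yaml").read_text(encoding="utf-8"))

# Constructed sample input, not taken from a real instance.
SAMPLE_PACKAGE = '{"name": "sillytavern", "version": "1.17.2"}'
SAMPLE_CONFIG = "listen: true\nwhitelistMode: false\nbasicAuthMode: false\nport: 8000\n"

if __name__ == "__main__":
    for finding in audit(SAMPLE_PACKAGE, SAMPLE_CONFIG):
        print("FINDING:", finding)
```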
