Vulnerabilities in gradio-app
48 resultsCVE-2024-47869LOWNon-constant-time comparison when comparing hashes in GradioEPSS 0.3%CVE-2024-47165MEDIUMCORS origin validation accepts the null origin in GradioEPSS 0.3%CVE-2024-47872MEDIUMCross-site Scripting on Gradio server via upload of HTML files, JS files, or SVG filesEPSS 0.3%CVE-2026-28415MEDIUMGradio has Open Redirect in OAuth FlowEPSS 0.2%CVE-2025-5320MEDIUMgradio-app gradio CORS is_valid_origin privilege escalationEPSS 0.2%CVE-2024-47867LOWLack of integrity check on the downloaded FRP client in GradioEPSS 0.2%CVE-2024-47871HIGHInsecure communication between the FRP client and server in GradioEPSS 0.2%CVE-2026-10783LOWgradio-app gradio Audio Cache Key save_audio_to_cache weak hashEPSS 0.1%