Back to overview

CVE-2026-59806

HIGH
7.4
CVSS 3.1
Description
Gradio before 6.20.0 contains an open redirect and server-side request forgery vulnerability that allows attackers to redirect users to arbitrary URLs or perform client-side SSRF by supplying unvalidated HTTP/HTTPS URLs to the file_fetch() function in the /gradio_api/file= endpoint. Attackers can craft a malicious FileData response targeting internal endpoints such as cloud metadata services to retrieve sensitive credentials including EC2 IAM role credentials.

Metadata

CVE ID
CVE-2026-59806
State
PUBLISHED
Assigner
VulnCheck
Reserved
2026-07-07 14:39 UTC
Published
2026-07-08 19:43 UTC
Last updated
2026-07-08 19:43 UTC
Primary CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
Vendor / Product
gradio-app / gradio
Sources
cve.org  ·  NVD

Severity & Metrics

7.4 HIGH CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
Affected products (1)
VendorProductPlatformVersions
gradio-app gradio 0 < 6.20.0
Weakness (CWE)
CWESourceDescription
CWE-601 cna URL Redirection to Untrusted Site ('Open Redirect')
CWE-918 cna Server-Side Request Forgery (SSRF)
CVSS scores (2)
ScoreSeverityVersionSourceVector
7.4 HIGH 3.1 cna CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
4.9 MEDIUM 4.0 cna CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:H/SI:N/SA:N
Back to overview