repository icon
gradio-app / gradio Project repository

Build and share delightful machine learning apps, all in Python. 🌟 Star to support our work!

Submit a report

FIRST INTERACTION

WITHINN/A DAYS

REVIEW

WITHIN15 DAYS

FIX

WITHINN/A DAYS

Unauthenticated vibe endpoints allow arbitrary code execution via direct file wr...
dartecheese
duplicate
Critical
DIAGNOSTIC TEST - please ignore - will self-close immediately
powerliftlog
self closed
Test submission - please ignore, will self-close
powerliftlog
self closed
Path Traversal via FileExplorer.preprocess() Allows Sandbox Escape in gradio-app...
galanzi2580-wq
self closed
Test probe — please ignore (huntr 500 diagnosis)
luch4ik
self closed
CORS Misconfiguration Enables Full CSRF on All Remote Gradio Deployments
surrealgrain
self closed
Unauthenticated Remote Code Execution via Vibe Code Editor Endpoint
surrealgrain
self closed
Authentication Bypass to Remote Code Execution in gradio-app/gradio
ce2sec
duplicate
Critical
Unauthenticated Remote Code Execution via `POST /gradio_api/vibe-code` Endpoint...
microwaveovens-yay
duplicate
Critical
Cross-Origin Authentication Bypass via Permissive CORS + SameSite=None Cookies o...
anir0y
duplicate
High
Test
wulonchia-pro
self closed
Unauth RCE + Path Traversal in Gradio Vibe Mode — all vibe endpoints missing log...
lexi-core-ai
duplicate
Critical
Authentication Bypass on Vibe Mode Endpoints Allows Unauthenticated Remote Code...
sfwani
duplicate
Critical
Vibe mode endpoints missing authentication — unauthenticated RCE via POST /vibe-...
microwaveovens-yay
duplicate
Critical
Open Redirect via /file= Endpoint Enables Phishing from Trusted Gradio Domains
sebasteuo
pending
Unauthenticated Remote Code Execution and Path Traversal via Vibe Mode Endpoints
sebasteuo
duplicate
Critical
Authentication Bypass on /monitoring/summary Endpoint Exposes Analytics Data
sebasteuo
pending
MCP Server authentication bypass allows unauthenticated access to all non-queued...
addcontent
duplicate
High
MCP Server Authentication Bypass — Information Disclosure
tkenaz
duplicate
Medium
Missing authentication on /monitoring/summary and /profiling/* endpoints leaks s...
projectworks007
duplicate
Medium
SSRF in extract_svg_content() bypasses safehttpx protection, allows reading inte...
kumarabhijeet1608
duplicate
High
Unauthenticated Remote Code Execution via /vibe-code endpoint
cyberwael
self closed
SSRF via Unprotected httpx.get() in Gallery SVG and Audio Stream Components Bypa...
mscgo
duplicate
High
Unauthenticated Information Disclosure via /monitoring/summary Endpoint
0xbassia
duplicate
Medium
Missing Authentication on Stream and Cancel Endpoints
tulgaaaaaaaa
pending
Authentication Bypass on /monitoring/summary and /monitoring/{key} Endpoints
tulgaaaaaaaa
duplicate
Medium
Reflected XSS in File Access Endpoint
butlerzou-bot
pending
Stream Data Injection - Unauthenticated data injection into active streaming eve...
dimpyj1604
pending
Gradio MCP endpoints bypass auth= when mcp_server=True
dimpyj1604
duplicate
Critical
SSRF via SVG image fetch using httpx without safehttpx protection
buttergolemcode
duplicate
High
Unauthenticated RCE via Vibe Mode Endpoints
buttergolemcode
duplicate
Critical
Unauthenticated Remote Code Execution via /vibe-code Endpoint (Missing Auth on V...
vellaveto
pending
Path traversal in FileExplorer.preprocess() allows reading arbitrary server file...
rishavkumarthapa01-sketch
pending
Response Header Injection via Request Headers Reflected in Ranged File Response
uug4na
pending
Incomplete Fix for CVE-2026-28415: Open Redirect Bypass via Protocol-Relative UR...
uug4na
duplicate
Medium
CORS Origin Validation Bypass via Wildcard DNS in CustomCORSMiddleware
midasavocado
pending
Missing Authentication on /stream/, /cancel, /upload_progress, and /startup-even...
pelegs202-design
pending
Vibe mode endpoints missing `login_check` authentication — inconsistent with all...
dave-london
duplicate
Critical
SSRF in extract_svg_content allows access to internal services via Gallery compo...
narrator3333-hash
duplicate
High
Unauthenticated Access to /monitoring/summary Bypasses Analytics Key Protection
goblinmode2700
pending
SSRF via extract_svg_content Bypasses safehttpx Protections
goblinmode2700
pending
Path Traversal in undo-vibe-edit Allows Reading Arbitrary .py Files
goblinmode2700
pending
Stream Endpoints Missing Authentication — Data Injection and Media Exfiltration
goblinmode2700
pending
Vibe Mode Endpoints Bypass Authentication — Unauthenticated Remote Code Executio...
goblinmode2700
pending
CORS Misconfiguration Enables CSRF Against Authenticated Gradio Deployments
apostolides
duplicate
High
Command injection via ffprobe shell command with user-controlled video file path
odysseypro25-project
pending
SSRF in extract_svg_content() — bypasses safehttpx SSRF protection used elsewher...
odysseypro25-project
duplicate
None
Authentication Bypass on Vibe Mode Endpoints Leads to Remote Code Execution
elucidator-hky
self closed
Authentication Bypass on 5 Endpoints Missing login_check Dependency
appsecguardian-hash
pending
Authentication Bypass on Vibe Mode Endpoints Leads to Remote Code Execution
0xbassia
duplicate
Critical
Unauthenticated Remote Code Execution via Vibe Mode Endpoints
odysseypro25-project
duplicate
Critical
Unauthenticated Remote Code Execution via Vibe Mode Endpoints
odysseypro25-project
pending
Open Redirect Leading to SSRF via /gradio_api/file= Endpoint
mscgo
self closed
Unauthenticated Remote Code Execution via Vibe Mode Endpoints (Missing login_che...
xjin1020
duplicate
Critical
MCP Server Authentication Bypass — Unauthenticated Access to All Gradio App Func...
willardjansen
duplicate
Critical
SSRF via unprotected httpx.get() in extract_svg_content and Audio.stream_output
mom3gool2030
pending
Multiple SSRF vulnerabilities in Gradio
butlerzou-bot
pending
Unauthenticated Remote Code Execution via /vibe-code endpoint in Gradio vibe mod...
etwithin
duplicate
None
Path Traversal in /undo-vibe-edit endpoint via unsanitized hash parameter
etwithin
pending
FileExplorer preprocess() path traversal allows root_dir escape via crafted API...
noobosaurus-r3x
self closed
Path Traversal in FileExplorer preprocess() Bypasses root_dir Restriction
etwithin
duplicate
High
Unauthenticated Source Code Disclosure and Arbitrary Code Write via Vibe Mode En...
etwithin
duplicate
Critical
Path Traversal in FileExplorer preprocess() Bypasses root_dir Restriction
etwithin
duplicate
High
Unauthenticated Source Code Disclosure and Arbitrary Code Write via Vibe Mode En...
etwithin
duplicate
Critical
SSRF in Audio stream_output and SVG Processing via Unprotected httpx.get
narrator3333-hash
pending
Unauthenticated Remote Code Execution via /vibe-code/ Endpoint in Vibe Mode
narrator3333-hash
duplicate
Critical
Path Traversal in /undo-vibe-edit Endpoint Leading to Arbitrary File Read and Co...
narrator3333-hash
pending
Path Traversal in /undo-vibe-edit Endpoint Leading to Arbitrary File Read and Co...
narrator3333-hash
pending
FileExplorer preprocess() Path Traversal — Missing safe_join Allows Arbitrary Fi...
avienma007
self closed
Unauthenticated RCE via Vibe Mode Endpoints Missing login_check Dependency
avienma007
self closed
Unauthenticated Access to MCP SSE Endpoint Bypasses `auth=` Protection via Starl...
pavanchow
duplicate
Critical
Stored XSS via Unsanitized {@html} in DataFrame HTML Datatype Enables Same-Origi...
paulmkenny
pending
Workflow_run Artifact Poisoning in previews-deploy.yml enables supply chain pack...
vera-platform
pending
SSRF via raw httpx.get() in extract_svg_content and Audio.stream_output bypasses...
jeremysommerfeld8910-cpu
duplicate
High
Unauthenticated RCE via Vibe-Mode Endpoints Bypassing Authentication
jeremysommerfeld8910-cpu
duplicate
Critical
Predictable Session Secret Allows Session Cookie Forgery When OAUTH_CLIENT_SECRE...
wubabalala
pending
Unauthenticated RCE via Vibe-Mode Endpoints Bypassing Authentication
jeremysommerfeld8910-cpu
self closed
Unauthenticated RCE via Vibe-Mode Endpoints Bypassing Authentication
jeremysommerfeld8910-cpu
self closed
Path traversal in undo-vibe-edit hash parameter enables arbitrary .py file read...
jeremysommerfeld8910-cpu
pending
Unauthenticated RCE via vibe-mode endpoints bypassing login_check authentication
jeremysommerfeld8910-cpu
self closed
SSRF via raw httpx.get() in Audio.stream_output bypasses safehttpx protections
jeremysommerfeld8910-cpu
self closed
Authentication Bypass on /monitoring/summary Exposes Queue Analytics Without Cre...
galanzi2580-wq
pending
Information Disclosure via Unauthenticated MCP Schema Endpoint in Gradio
enzogaillardsystems
pending
Path Traversal via Unsanitized Hash Parameter in undo-vibe-edit Endpoint
wernerina
not applicable
Unauthenticated Remote Code Execution via Vibe Mode Endpoints
wernerina
duplicate
Critical
Unauthenticated Remote Code Execution via Vibe Code Endpoints Missing login_chec...
invisiblemonsters
duplicate
Critical
Path Traversal in FileExplorer.preprocess() allows reading files outside root_d...
shima-coder
duplicate
High
Path Traversal in FileExplorer.preprocess() Allows Reading Arbitrary Server File...
seonghoj-bright
duplicate
High
Unauthenticated Remote Code Execution via Gradio Vibe Mode `/vibe-code` Endpoint
alrightryanx
duplicate
Critical
Unauthenticated Access to /monitoring/summary Endpoint Leaks Operational Metrics
galanzi2580-wq
duplicate
Medium
Open Redirect via /file= Endpoint Allows Redirection to Arbitrary External URLs
galanzi2580-wq
self closed
CORS Misconfiguration in CustomCORSMiddleware Allows Cross-Origin Credential The...
galanzi2580-wq
self closed
huntr: gradio-app/gradio