Severity by source
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
Description (CVE.org)
A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function save_audio_to_cache of the component Audio Cache Key Handler. Performing a manipulation results in the use of a weak hash. The attack must be initiated from a local position. The attack is considered to have high complexity. It is indicated that the exploitability is difficult. The exploit has been released to the public and may be used for attacks. The patch is named 13394. To fix this issue, it is recommended to deploy a patch.
Analysis (AI)
Cache key collision in Gradio 6.14.0's audio processing component allows a local low-privileged attacker to trigger information disclosure by exploiting incomplete hash inputs in the save_audio_to_cache function. Two audio arrays with identical raw bytes but differing metadata (sample rate, format, dtype, or shape) resolve to the same cache directory path, causing one cached audio file to overwrite or be served in place of another. …
Vulnerability Assessment (AI)

| Aspect | Assessment |
| --- | --- |
| Exploitation | Exploitation requires local access to the system running Gradio (AV:L) with at least low-privilege credentials (PR:L per CVSS vector). … |
| Risk Assessment | Real-world risk is very low and the CVSS 4.0 score of 1.1 is consistent with the actual threat profile. … |
| Exploit Scenario | A local user with low privileges submits two audio inputs to a Gradio application: one with dtype int16 at 8000 Hz and another with dtype uint16 at 8000 Hz, both containing identical raw byte sequences. Under the vulnerable hash scheme, both map to the same cache directory path, causing the second write to overwrite or collide with the first. … |
| Remediation | Apply the upstream fix from GitHub pull request #13394 (https://github.com/gradio-app/gradio/pull/13394), which replaces the incomplete hash with SHA-256 over a full metadata envelope. … |
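
The collision described in the assessment, next to a key computed over a full metadata envelope, as an added example. It is not Gradio's code and not the patch from pull request #13394. The `Audio` class, the function names, the envelope layout and the sample values are assumptions constructed for illustration, and the bytes-only key is a model of the "incomplete hash inputs" described above.

```python
import hashlib
import json
import struct
from dataclasses import dataclass

@dataclass(frozen=True)
class Audio:  # constructed stand-in for an audio array plus its metadata
    raw: bytes
    dtype: str
    shape: tuple
    sample_rate: int
    fmt: str

def weak_cache_key(a: Audio) -> str:
    # Assumed shape of the flaw: only the raw sample bytes feed the key.
    return hashlib.sha256(a.raw).hexdigest()

def envelope_cache_key(a: Audio) -> str:
    # Canonical metadata (sorted keys, fixed separators), then length-prefix
    # both parts so the metadata/payload boundary cannot be shifted.
    meta = json.dumps(
        {"dtype": a.dtype, "shape": list(a.shape),
         "sample_rate": a.sample_rate, "format": a.fmt},
        sort_keys=True, separators=(",", ":")).encode()
    h = hashlib.sha256()
    for part in (meta, a.raw):
        h.update(struct.pack(">Q", len(part)))
        h.update(part)
    return h.hexdigest()

def colliding_pairs(items, key_fn):
    # Pairs of distinct inputs that resolve to the same cache key.
    seen, hits = {}, []
    for item in items:
        first = seen.setdefault(key_fn(item), item)
        if first != item:
            hits.append((first, item))
    return hits

# Constructed samples: identical bytes, differing metadata.
RAW = struct.pack("<4h", 0, 1000, -1000, 32767)
SAMPLES = [
    Audio(RAW, "int16", (4,), 8000, "wav"),
    Audio(RAW, "uint16", (4,), 8000, "wav"),
    Audio(RAW, "int16", (2, 2), 8000, "wav"),
    Audio(RAW, "int16", (4,), 16000, "wav"),
]

if __name__ == "__main__":
    for fn in (weak_cache_key, envelope_cache_key):
        print(fn.__name__, len(colliding_pairs(SAMPLES, fn)), "collisions")
```

Running `colliding_pairs` over existing cache inputs with the current key function is also a quick regression check after patching: any non-empty result means distinct audio inputs still share a cache path.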
EUVD-2026-34187
GHSA-6655-8ph2-63j3