CVE-2026-28416
Received Received - Intake
SSRF Vulnerability in Gradio Allows Internal Network Access

Publication date: 2026-02-27

Last updated on: 2026-03-05

Assigner: GitHub, Inc.

Description
Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, a Server-Side Request Forgery (SSRF) vulnerability in Gradio allows an attacker to make arbitrary HTTP requests from a victim's server by hosting a malicious Gradio Space. When a victim application uses `gr.load()` to load an attacker-controlled Space, the malicious `proxy_url` from the config is trusted and added to the allowlist, enabling the attacker to access internal services, cloud metadata endpoints, and private networks through the victim's infrastructure. Version 6.6.0 fixes the issue.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-27
Last Modified
2026-03-05
Generated
2026-05-07
AI Q&A
2026-02-28
EPSS Evaluated
2026-05-05
NVD
CVE-2026-28416
EUVD
EUVD-2026-9084
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
gradio_project gradio to 6.6.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a Server-Side Request Forgery (SSRF) issue in the Gradio Python package before version 6.6.0. It allows an attacker to make arbitrary HTTP requests from a victim's server by hosting a malicious Gradio Space. When the victim application uses the function `gr.load()` to load this attacker-controlled Space, the malicious proxy URL from the configuration is trusted and added to an allowlist. This enables the attacker to access internal services, cloud metadata endpoints, and private networks through the victim's infrastructure.


How can this vulnerability impact me? :

The vulnerability can have serious impacts including unauthorized access to internal services and sensitive data within the victim's network. An attacker can exploit this flaw to reach cloud metadata endpoints and private networks, potentially leading to information disclosure or further attacks within the victim's infrastructure.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

I don't know


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, upgrade Gradio to version 6.6.0 or later, where the SSRF issue has been fixed.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart