Lucene search
K

4 matches found

Nuclei
Nuclei
added 12 hours ago21 views

Gradio - Absolute Path Traversal

Gradio 6.7 on Windows with Python 3.13+ contains an absolute path traversal caused by incorrect path validation in path joining logic, letting unauthenticated attackers read arbitrary files from the server. id: CVE-2026-28414 info: name: Gradio - Absolute Path Traversal author: 0xAkoko severity:...

7.5CVSS7.3AI score0.03095EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2026/05/31 12:0 a.m.40 views

VulnCheck KEV: CVE-2026-28414

Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradio apps running on Window with Python 3.13+ are vulnerable to an absolute path traversal issue that enables unauthenticated attackers to read arbitrary files from the file system. Python 3.13+ change...

7.5CVSS5.9AI score0.03095EPSS
In wildExploits1References9
vulnersOsv
vulnersOsv
added 2026/03/01 1:28 a.m.9 views

3d-rcnet (>=0.2.2 <=0.2.3), aa-prepflow (>=0.1.0 <=0.1.1) +1120 more potentially affected by CVE-2026-28414 via gradio (>=1.7.7 <=6.4.0)

gradio PYPI version =1.7.7, =0.2.2, =0.1.0, =0.3.0, =0.0.3, =0.1.5, =0.8.2.4, =0.2.1, =1.2.0, =0.1.0, =0.1.0, =0.1.0, =2.0.0, =3.3.9 and more Source cves: CVE-2026-28414 Source advisory: OSV:GHSA-39MP-8HJ3-5C49...

7.5CVSS7.2AI score0.03095EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/02/28 12:14 a.m.8 views

3d-rcnet (>=0.2.2 <=0.2.3), aa-prepflow (>=0.1.0 <=0.1.1) +696 more potentially affected by CVE-2026-28414 via gradio (>=6.0.0 <=6.4.0)

gradio PYPI version =6.0.0, =0.2.2, =0.1.0, =0.0.3, =0.1.5, =1.2.0, =0.1.0, =0.1.0, =0.1.0, =3.3.0, =0.1.4, =0.1.3, =0.1.0, =0.2.0 and more Source cves: CVE-2026-28414 Source advisory: SNYK:PYTHON-GRADIO-15366417...

7.5CVSS7.2AI score0.03095EPSS
Exploits1
Rows per page
Query Builder