CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

RedhatCVE•added 2026/03/02 4:18 a.m.•4 views

CVE-2026-28416

A flaw was found in Gradio, an open-source Python package for rapid prototyping. A remote attacker can exploit a Server-Side Request Forgery SSRF vulnerability by hosting a malicious Gradio Space. When a victim application uses gr.load to load this attacker-controlled Space, a malicious proxyurl...

8.6CVSS6AI score0.00316EPSS

Exploits0References4

PyPA•added 2026/02/27 10:16 p.m.•8 views

PYSEC-2026-66

Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, a Server-Side Request Forgery SSRF vulnerability in Gradio allows an attacker to make arbitrary HTTP requests from a victim's server by hosting a malicious Gradio Space. When a victim application uses...

8.6CVSS5.9AI score0.00316EPSS

Exploits0References1Affected Software1

EUVD•added 2026/02/27 9:47 p.m.•6 views

EUVD-2026-9084

8.2CVSS6AI score0.00316EPSS

Exploits0References1

Positive Technologies•added 2026/02/27 12:0 a.m.•5 views

PT-2026-22415

Name of the Vulnerable Software and Affected Versions Gradio versions prior to 6.6.0 Description Gradio is a Python package for rapid prototyping. A Server-Side Request Forgery SSRF condition exists in Gradio that allows an attacker to initiate arbitrary HTTP requests from a victim’s server. This...

8.2CVSS6AI score0.00316EPSS

Exploits0References10

NVD•added 2019/09/23 6:15 p.m.•25 views

CVE-2019-11277

Cloud Foundry NFS Volume Service, 1.7.x versions prior to 1.7.11 and 2.x versions prior to 2.3.0, is vulnerable to LDAP injection. A remote authenticated malicious space developer can potentially inject LDAP filters via service instance creation, facilitating the malicious space developer to deny...

8.4CVSS8.1AI score0.01707EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by