CVE-2026-23608

GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Mail Monitoring rule creation endpoint. An authenticated user can supply HTML/JavaScript in the JSON "name" field to /MailEssentials/pages/MailSecurity/MailMonitoring.aspx/Save, which is stored...

SUSE CVE-2024-47168

Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves data exposure due to the enablemonitoring flag not properly disabling monitoring when set to False. Even when monitoring is supposedly disabled, an attacker or unauthorized user can still access th...

PYSEC-2024-198

Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves data exposure due to the enablemonitoring flag not properly disabling monitoring when set to False. Even when monitoring is supposedly disabled, an attacker or unauthorized user can still access th...

Always-Incorrect Control Flow Implementation

Overview gradio is a Python library for easily interacting with trained machine learning models Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation due to the improper handling of the enablemonitoring flag. An attacker can access sensitive application...

PT-2024-32451 · Gradio · Gradio

Name of the Vulnerable Software and Affected Versions: Gradio versions prior to 4.44 Description: This issue involves data exposure due to the enable monitoring flag not properly disabling monitoring when set to False. Even when monitoring is supposedly disabled, an attacker or unauthorized user...

Gradio 安全漏洞

Gradio, an open source Python library open sourced by Hugging Face, is a way to demonstrate machine learning models through a friendly web interface. A security vulnerability exists in Gradio that stems from the fact that an attacker or unauthorized user can access the monitoring dashboard by...