{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-28415", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-02-27T15:33:57.289Z", "datePublished": "2026-02-27T21:44:51.956Z", "dateUpdated": "2026-03-02T21:55:38.664Z"}, "containers": {"cna": {"title": "Gradio has Open Redirect in OAuth Flow", "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "lang": "en", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-284", "lang": "en", "description": "CWE-284: Improper Access Control", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-330", "lang": "en", "description": "CWE-330: Use of Insufficiently Random Values", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-601", "lang": "en", "description": "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/gradio-app/gradio/security/advisories/GHSA-pfjf-5gxr-995x", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-pfjf-5gxr-995x"}], "affected": [{"vendor": "gradio-app", "product": "gradio", "versions": [{"version": "< 6.6.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-27T21:44:51.956Z"}, "descriptions": [{"lang": "en", "value": "Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, the _redirect_to_target() function in Gradio's OAuth flow accepts an unvalidated _target_url query parameter, allowing redirection to arbitrary external URLs. This affects the /logout and /login/callback endpoints on Gradio apps with OAuth enabled (i.e. apps running on Hugging Face Spaces with gr.LoginButton). Starting in version 6.6.0, the _target_url parameter is sanitized to only use the path, query, and fragment, stripping any scheme or host."}], "source": {"advisory": "GHSA-pfjf-5gxr-995x", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-02T21:55:30.572710Z", "id": "CVE-2026-28415", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-02T21:55:38.664Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-28415", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-02T21:55:30.572710Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-02T21:55:34.975Z"}}], "cna": {"title": "Gradio has Open Redirect in OAuth Flow", "source": {"advisory": "GHSA-pfjf-5gxr-995x", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "gradio-app", "product": "gradio", "versions": [{"status": "affected", "version": "< 6.6.0"}]}], "references": [{"url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-pfjf-5gxr-995x", "name": "https://github.com/gradio-app/gradio/security/advisories/GHSA-pfjf-5gxr-995x", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, the _redirect_to_target() function in Gradio's OAuth flow accepts an unvalidated _target_url query parameter, allowing redirection to arbitrary external URLs. This affects the /logout and /login/callback endpoints on Gradio apps with OAuth enabled (i.e. apps running on Hugging Face Spaces with gr.LoginButton). Starting in version 6.6.0, the _target_url parameter is sanitized to only use the path, query, and fragment, stripping any scheme or host."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284: Improper Access Control"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-330", "description": "CWE-330: Use of Insufficiently Random Values"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-601", "description": "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-27T21:44:51.956Z"}}}, "cveMetadata": {"cveId": "CVE-2026-28415", "state": "PUBLISHED", "dateUpdated": "2026-03-02T21:55:38.664Z", "dateReserved": "2026-02-27T15:33:57.289Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-02-27T21:44:51.956Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gradio_project:gradio:*:*:*:*:*:python:*:*", "matchCriteriaId": "59BB794F-B63D-4D86-B0F0-E60AF9017444", "versionEndExcluding": "6.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, the _redirect_to_target() function in Gradio's OAuth flow accepts an unvalidated _target_url query parameter, allowing redirection to arbitrary external URLs. This affects the /logout and /login/callback endpoints on Gradio apps with OAuth enabled (i.e. apps running on Hugging Face Spaces with gr.LoginButton). Starting in version 6.6.0, the _target_url parameter is sanitized to only use the path, query, and fragment, stripping any scheme or host."}, {"lang": "es", "value": "Gradio es un paquete Python de c\u00f3digo abierto dise\u00f1ado para la creaci\u00f3n r\u00e1pida de prototipos. Antes de la versi\u00f3n 6.6.0, la funci\u00f3n _redirect_to_target() en el flujo OAuth de Gradio acepta un par\u00e1metro de consulta _target_url no validado, lo que permite la redirecci\u00f3n a URL externas arbitrarias. Esto afecta a los endpoints /logout y /login/callback en aplicaciones Gradio con OAuth habilitado (es decir, aplicaciones que se ejecutan en Hugging Face Spaces con gr.LoginButton). A partir de la versi\u00f3n 6.6.0, el par\u00e1metro _target_url se sanea para usar solo la ruta, la consulta y el fragmento, eliminando cualquier esquema o host."}], "id": "CVE-2026-28415", "lastModified": "2026-03-05T13:06:31.743", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "[email protected]", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "[email protected]", "type": "Primary"}]}, "published": "2026-02-27T22:16:24.497", "references": [{"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-pfjf-5gxr-995x"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}, {"lang": "en", "value": "CWE-284"}, {"lang": "en", "value": "CWE-330"}, {"lang": "en", "value": "CWE-601"}], "source": "[email protected]", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-601"}], "source": "[email protected]", "type": "Primary"}]}

{"bugzilla": {"description": "Gradio: Gradio: Open Redirect vulnerability allows redirection to arbitrary external URLs.", "id": "2443449", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2443449"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "status": "draft"}, "cwe": "CWE-601", "details": ["Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, the _redirect_to_target() function in Gradio's OAuth flow accepts an unvalidated _target_url query parameter, allowing redirection to arbitrary external URLs. This affects the /logout and /login/callback endpoints on Gradio apps with OAuth enabled (i.e. apps running on Hugging Face Spaces with gr.LoginButton). Starting in version 6.6.0, the _target_url parameter is sanitized to only use the path, query, and fragment, stripping any scheme or host.", "A flaw was found in Gradio, an open-source Python package. The _redirect_to_target() function in Gradio's OAuth flow accepts an unvalidated _target_url query parameter. A remote attacker can exploit this vulnerability by crafting a malicious URL, leading to an open redirect. This allows the attacker to redirect users to arbitrary external websites, potentially enabling phishing attacks or other forms of user manipulation."], "mitigation": {"lang": "en:us", "value": "To mitigate this open redirect vulnerability, restrict network access to the Gradio application's `/logout` and `/login/callback` endpoints, particularly if OAuth is enabled. Ensure these endpoints are not directly exposed to untrusted networks or users. If the OAuth functionality is not required for the specific deployment of the Gradio application, consider disabling it to remove the vulnerable attack surface. Consult application documentation for specific configuration details regarding OAuth and endpoint exposure. A service restart or reload may be required for changes to take effect."}, "name": "CVE-2026-28415", "public_date": "2026-02-27T21:44:51Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-28415\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-28415\nhttps://github.com/gradio-app/gradio/security/advisories/GHSA-pfjf-5gxr-995x"], "statement": "This MODERATE impact vulnerability in Gradio's OAuth flow allows for open redirection due to an unvalidated `_target_url` query parameter. Red Hat products utilizing Gradio with OAuth enabled, such as the `ansible-chatbot-service`, may be affected if running vulnerable versions. Exploitation requires user interaction with the `/logout` or `/login/callback` endpoints.", "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,6.6.0)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "gradio", "source": "cna", "vendor": "gradio-app"}, "product": "gradio", "vendor": "gradio-app"}], "created": "2026-03-02T12:04:45.013544+00:00", "updated": "2026-03-02T12:04:45.013726+00:00", "vendors": ["gradio-app", "gradio-app$PRODUCT$gradio"]}