PT-2026-22405 · Gradio · Gradio
Tenbbughunters
·
Published
2026-02-27
·
Updated
2026-03-05
·
CVE-2026-27167
CVSS v3.1
5.9
Medium
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Gradio versions 4.16.0 through 6.5.9
Description
Gradio is a Python package for rapidly prototyping web interfaces. When an application runs outside of Hugging Face Spaces, versions 4.16.0 through 6.5.9 improperly handle OAuth components such as gr.LoginButton. A request to the /login/huggingface endpoint triggers a flow in which the server looks up its own Hugging Face access token and stores it in the session cookie. That cookie is signed, not encrypted, and the signing key is a hardcoded secret ("-v4"), so a remote attacker who obtains the cookie can decode it and recover the token, leading to credential theft. The issue is exploitable whenever the application is reachable over the network.
Recommendations
Update to Gradio version 6.6.0 or later.
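The following is an added illustration and is not Gradio's own code. It models the signed-cookie pattern the description relies on: the session payload is base64-encoded JSON, an HMAC over it protects integrity only, and the key is the hardcoded value the advisory names. The signing format is a simplified stand-in (HMAC-SHA256, no key derivation) for the Starlette/itsdangerous format, the session contents and the token value are constructed, and the `hf_` prefix check is a triage heuristic, not something the advisory specifies. It shows the three things a practitioner would verify on a captured cookie: the payload is readable without any secret, a cookie is forgeable when the secret is hardcoded, and a random per-deployment secret stops the forgery (but not the read).

```python
import base64
import hashlib
import hmac
import json
import secrets
import time
from typing import List, Optional

# Value stated in the advisory: the secret the affected versions sign session cookies with.
HARDCODED_SECRET = "-v4"


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_session_cookie(session: dict, secret: str, ts: Optional[int] = None) -> str:
    """Signed-but-not-encrypted cookie: b64(json) . b64(timestamp) . b64(hmac).

    Assumption: simplified stand-in for the Starlette/itsdangerous format (HMAC-SHA256,
    no salt or key derivation). The shared property: the signature protects integrity
    only; the payload itself is plain base64.
    """
    ts = int(time.time()) if ts is None else ts
    body = _b64(json.dumps(session, separators=(",", ":"), sort_keys=True).encode())
    body += "." + _b64(str(ts).encode())
    sig = hmac.new(secret.encode(), body.encode(), hashlib.sha256).digest()
    return body + "." + _b64(sig)


def verify_session_cookie(cookie: str, secret: str) -> Optional[dict]:
    """Server side: return the session dict if the signature verifies under `secret`, else None."""
    parts = cookie.split(".")
    if len(parts) != 3:
        return None
    payload, ts, sig = parts
    try:
        expected = hmac.new(secret.encode(), f"{payload}.{ts}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64(sig)):
            return None
        return json.loads(_unb64(payload))
    except ValueError:  # bad base64 or bad JSON
        return None


def read_cookie_without_secret(cookie: str) -> dict:
    """Attacker side: the payload is only base64, so whoever holds the cookie can read it."""
    return json.loads(_unb64(cookie.split(".")[0]))


def leaked_hf_tokens(cookie: str) -> List[str]:
    """Triage check: every string in the cookie that looks like a Hugging Face token (hf_ prefix)."""
    found: List[str] = []

    def walk(obj) -> None:
        if isinstance(obj, dict):
            for value in obj.values():
                walk(value)
        elif isinstance(obj, list):
            for value in obj:
                walk(value)
        elif isinstance(obj, str) and obj.startswith("hf_"):
            found.append(obj)

    walk(read_cookie_without_secret(cookie))
    return found


def forge_cookie(session: dict) -> str:
    """Attacker side: with the secret hardcoded, a remote party mints a cookie the server accepts."""
    return make_session_cookie(session, HARDCODED_SECRET)


def fresh_secret() -> str:
    """Hardened setting: random per-deployment secret, so cookies signed under "-v4" no longer verify."""
    return secrets.token_hex(32)


# Constructed sample of what the vulnerable flow stores in the session; the token value is fake.
SAMPLE_SESSION = {
    "oauth_info": {"access_token": "hf_EXAMPLEtokenNOTREAL0000000000000", "token_type": "bearer"}
}


def demo() -> dict:
    """Walk through the observations a practitioner would verify on a captured cookie."""
    cookie = make_session_cookie(SAMPLE_SESSION, HARDCODED_SECRET, ts=1700000000)
    forged = forge_cookie({"oauth_info": {"userinfo": {"preferred_username": "attacker"}}})
    return {
        "readable_without_secret": read_cookie_without_secret(cookie) == SAMPLE_SESSION,
        "tokens_exposed": leaked_hf_tokens(cookie),
        "forged_accepted_with_hardcoded_secret": verify_session_cookie(forged, HARDCODED_SECRET) is not None,
        "forged_rejected_with_fresh_secret": verify_session_cookie(forged, fresh_secret()) is None,
    }


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Note that rotating the secret only closes the forgery path; the read path stays open for as long as the token is placed in the cookie at all, which is why the weakness is classed as insufficiently protected credentials rather than only as a hardcoded key.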
Exploit
Fix
Insufficiently Protected Credentials
Using Hardcoded Credentials
Related Identifiers
Affected Products
Gradio