PT-2026-22415 · Gradio · Gradio

Logicx24 · Published 2026-02-27 · Updated 2026-03-05 · CVE-2026-28416

CVSS v3.1: 8.6 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Gradio versions prior to 6.6.0
Description: Gradio is a Python package for rapid prototyping. A Server-Side Request Forgery (SSRF) condition exists in Gradio that allows an attacker to initiate arbitrary HTTP requests from a victim's server. This is possible by hosting a malicious Gradio Space and leveraging the gr.load() function to load attacker-controlled content. The malicious proxy URL from the loaded configuration is then trusted and added to an allowlist, potentially granting access to internal services, cloud metadata endpoints, and private networks via the victim's infrastructure.
Recommendations: Update to version 6.6.0 or later.
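As an added example (not Gradio's own code and not the 6.6.0 fix), the following shows one defender-side check for the trust problem described above: a proxy URL taken from a remotely loaded Space configuration is admitted to the allowlist only if it stays on the host the Space was loaded from and every address that host resolves to is public. The function names, the expected_host parameter and the injectable resolver are assumptions.

```python
import ipaddress
import socket
from urllib.parse import urlsplit


def _resolve(host):
    """Default resolver: every A/AAAA answer for host (requires network)."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def is_public_address(ip_text):
    """True only for globally routable unicast addresses.

    Rejects loopback, RFC 1918, link-local (including the 169.254.169.254
    cloud metadata endpoint), reserved and multicast ranges, and unwraps
    IPv4-mapped IPv6 so ::ffff:127.0.0.1 cannot slip past the IPv4 checks.
    """
    ip = ipaddress.ip_address(ip_text)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_reserved or ip.is_multicast or ip.is_unspecified)


def proxy_url_is_allowed(url, expected_host, resolver=_resolve):
    """Decide whether a proxy URL found in a loaded Space config may be
    added to the request allowlist (hypothetical check, not Gradio's).

    The URL must be https, must point at the host the Space was loaded
    from (so a remote config cannot redirect the server elsewhere), and
    every address that host resolves to must be public.
    """
    parts = urlsplit(url)
    if parts.scheme != "https" or parts.username or parts.password:
        return False
    host = parts.hostname
    if not host or host.lower() != expected_host.lower():
        return False
    try:
        addrs = resolver(host)
    except OSError:
        return False
    # Require at least one answer and reject if any answer is internal,
    # so a name that resolves to both public and private addresses fails.
    return bool(addrs) and all(is_public_address(a) for a in addrs)
```

Pass a resolver that returns fixed answers to exercise the checks offline; the default uses socket.getaddrinfo and therefore needs DNS.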

Exploit · Fix · SSRF

Weakness Enumeration

Related Identifiers

CVE-2026-28416
GHSA-JMH7-G254-2CQ9
PYSEC-2026-66

Affected Products

Gradio