Description
Gradio before version 6.15.0 contains a cookie injection vulnerability that allows remote attackers to perform cross-Space session fixation by exploiting a shared module-level HTTP client used across all users in the reverse proxy endpoint. Attackers controlling any HF Space can return a parent-domain cookie that the shared client stores and automatically replays into all subsequent proxy requests to other legitimate Spaces, affecting all users of the same Gradio deployment.
Published: 2026-05-27
Score: 7.6 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Gradio before version 6.15.0 uses a single module-level HTTP client, shared by every user of the process, for its reverse proxy endpoint. Because that client keeps one cookie store for all requests, an attacker who controls any HF Space that the proxy fetches from can answer with a cookie scoped to the parent domain; the shared client stores it and automatically replays it on every later proxied request, to any other Space, on behalf of any user. Every user of that Gradio deployment then presents the attacker-chosen cookie to legitimate Spaces, so their sessions with those Spaces are fixed to a value the attacker knows. This is the CWE-384 (session fixation) pattern and compromises the confidentiality and integrity of user data exchanged with the proxied Spaces.
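The shared-cookie-store replay described above, reduced to a runnable sketch. This is an added example, not Gradio's code and not its fix: it uses the standard library's http.cookiejar in place of whatever HTTP client Gradio's proxy uses, and the hostnames attacker.hf.space and victim.hf.space, the URL paths and the session cookie value are constructed. vulnerable_flow() keeps one jar for the whole process, the way a module-level client does; hardened_flow() gives each proxied request its own jar, so nothing an upstream sets survives into another user's request.

```python
"""Cross-Space cookie replay through a shared cookie jar, and a per-request fix.

Added example, not Gradio's code. Hostnames, paths and the cookie value are
constructed. Standard library only; no network access is made.
"""
import email.message
import http.cookiejar
import urllib.request
from typing import Iterable, Optional


class _FakeResponse:
    """Stand-in for a urllib response: CookieJar.extract_cookies() only needs
    .info() to return an object with get_all(), which email.message provides."""

    def __init__(self, set_cookie_headers: Iterable[str]):
        self._headers = email.message.Message()
        for value in set_cookie_headers:
            self._headers["Set-Cookie"] = value

    def info(self):
        return self._headers


def proxy_fetch(jar: http.cookiejar.CookieJar, url: str,
                upstream_set_cookie: Iterable[str] = ()) -> Optional[str]:
    """Simulate one proxied request to an upstream Space.

    Attaches whatever cookies `jar` holds for `url` (what any cookie-aware
    client does on its own), then absorbs the upstream's Set-Cookie headers
    into the same jar. Returns the Cookie header that was sent, or None.
    """
    request = urllib.request.Request(url)
    jar.add_cookie_header(request)
    sent = request.get_header("Cookie")
    jar.extract_cookies(_FakeResponse(upstream_set_cookie), request)
    return sent


# Constructed hosts and cookie. Domain=.hf.space scopes the cookie to the
# parent domain, so a jar that accepts it will also send it to sibling hosts.
ATTACKER_URL = "https://attacker.hf.space/run/predict"
VICTIM_URL = "https://victim.hf.space/run/predict"
PLANTED = "session=attacker-chosen; Domain=.hf.space; Path=/"


def vulnerable_flow(planted: str = PLANTED) -> Optional[str]:
    """One shared jar for the process: user A proxies the attacker's Space,
    the cookie is stored, and user B's request to a legitimate Space carries
    it. Returns the Cookie header the legitimate Space receives."""
    shared_jar = http.cookiejar.CookieJar()            # module-level state
    proxy_fetch(shared_jar, ATTACKER_URL, [planted])   # user A -> attacker Space
    return proxy_fetch(shared_jar, VICTIM_URL)         # user B -> legitimate Space


def hardened_flow(planted: str = PLANTED) -> Optional[str]:
    """Fresh jar per proxied request: nothing an upstream sets outlives the
    request that received it, so the cookie is never replayed."""
    proxy_fetch(http.cookiejar.CookieJar(), ATTACKER_URL, [planted])
    return proxy_fetch(http.cookiejar.CookieJar(), VICTIM_URL)


if __name__ == "__main__":
    print("shared jar   ->", vulnerable_flow())   # session=attacker-chosen
    print("per-request  ->", hardened_flow())     # None
```

The parent-domain scope is what turns a stored cookie into a cross-Space one: with the same shared jar, a cookie the attacker scopes to attacker.hf.space alone is stored but never sent to victim.hf.space. A complete fix in a real proxy also has to decide what to do with upstream Set-Cookie headers (relay them to the browser or drop them) rather than letting the proxy's own client absorb them, and must not forward one user's cookies on another user's request.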

Affected Systems

The affected product is Gradio, the Python library for building web UIs for machine-learning models, in all releases prior to 6.15.0. The flaw is reachable in any deployment that exposes Gradio's reverse proxy endpoint for HF Spaces: because the proxy's HTTP client, and with it its cookie store, is shared by every user of the process, all users of that deployment are at risk as soon as any single Space the proxy fetches from is controlled by an attacker.

Risk and Exploitability

The CVSS v4.0 score of 7.6 (v3.1: 6.8) indicates high severity. The EPSS estimate is below 1%, the issue is not listed in the CISA KEV catalog, and the SSVC assessment records proof-of-concept exploitation with total technical impact. The vector (AV:N/AC:H/PR:N/UI:P) reflects that the attacker needs no privileges on the target deployment but must control a Space that one of its users proxies through, and that the attack complexity is rated high. Once the attacker's parent-domain cookie is in the shared client, it accompanies every later proxied request from every user, so the attacker's chosen session value is what legitimate Spaces see from those users. The vector is remote and no user privilege bounds it, so any publicly exposed Gradio deployment with the proxy endpoint enabled is a candidate target.

Generated by OpenCVE AI on May 27, 2026 at 21:10 UTC.

Remediation

No vendor fix or workaround is recorded in this page's references; the description's "before version 6.15.0" indicates that 6.15.0 contains the fix.

OpenCVE Recommended Actions

  • Upgrade Gradio to version 6.15.0 or later.
  • If upgrading is not immediately possible, disable or restrict the reverse proxy endpoint, or patch the deployment so that proxied requests use a per-request (or at least per-user) HTTP client whose cookie store never persists upstream Set-Cookie headers across requests.
  • Treat the shared client's in-memory cookie store as already poisoned on unpatched instances: restart the process to clear it, and verify that the proxy neither stores cookies returned by upstream Spaces nor forwards one user's cookies on another user's proxied request.

Generated by OpenCVE AI on May 27, 2026 at 21:10 UTC.


Advisories

No advisories yet.

History

Tue, 02 Jun 2026 00:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Gradio Project; Gradio Project gradio
CPEs | | cpe:2.3:a:gradio_project:gradio:*:*:*:*:*:python:*:*
Vendors & Products | | Gradio Project; Gradio Project gradio

Thu, 28 May 2026 02:30:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Gradio-app; Gradio-app gradio
Vendors & Products | | Gradio-app; Gradio-app gradio

Wed, 27 May 2026 16:30:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 27 May 2026 15:15:00 +0000

Type | Values Removed | Values Added
Description | | Gradio before version 6.15.0 contains a cookie injection vulnerability that allows remote attackers to perform cross-Space session fixation by exploiting a shared module-level HTTP client used across all users in the reverse proxy endpoint. Attackers controlling any HF Space can return a parent-domain cookie that the shared client stores and automatically replays into all subsequent proxy requests to other legitimate Spaces, affecting all users of the same Gradio deployment.
Title | | Gradio < 6.15.0 Cookie Injection via Shared Proxy Client
Weaknesses | | CWE-384
References | |
Metrics | | cvssV3_1 {'score': 6.8, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N'}; cvssV4_0 {'score': 7.6, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N'}


Subscriptions

Gradio-app Gradio
Gradio Project Gradio
MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-27T15:35:52.619Z

Reserved: 2026-05-21T18:34:46.417Z

Link: CVE-2026-48545

Vulnrichment

Updated: 2026-05-27T15:35:48.702Z

NVD

Status : Analyzed

Published: 2026-05-27T15:16:31.020

Modified: 2026-06-02T00:34:06.257

Link: CVE-2026-48545

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-28T02:15:03Z

Weaknesses