Vulnerability in Gradio-app Gradio
CVE-2026-27167
Gradio is an open-source Python package designed for quick prototyping. Starting in version 4.16.0 and prior to version 6.6.0, Gradio applications running outside of Hugging Face Spaces automatically enable "mocked" OAuth routes when OAuth…
EPSS: 0.000 (8.7th percentile)
Affected products
- Gradio-app Gradio — versions >= 4.16.0, < 6.6.0
Weakness classification (CWE)
References
- https://github.com/gradio-app/gradio/security/advisories/GHSA-h3h8-3v2v-rg7m (x_refsource_CONFIRM)