CVE-2026-27167— Gradio 信任管理问题漏洞

Gradio: Mocked OAuth Login Exposes Server Credentials and Uses Hardcoded Session Secret

Gradio is an open-source Python package designed for quick prototyping. Starting in version 4.16.0 and prior to version 6.6.0, Gradio applications running outside of Hugging Face Spaces automatically enable "mocked" OAuth routes when OAuth components (e.g. `gr.LoginButton`) are used. When a user visits `/login/huggingface`, the server retrieves its own Hugging Face access token via `huggingface_hub.get_token()` and stores it in the visitor's session cookie. If the application is network-accessible, any remote attacker can trigger this flow to steal the server owner's HF token. The session cookie is signed with a hardcoded secret derived from the string `"-v4"`, making the payload trivially decodable. Version 6.6.0 fixes the issue.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N

使用硬编码的凭证

Gradio 信任管理问题漏洞

Gradio是Gradio开源的一个开源 Python 库，是通过友好的 Web 界面演示机器学习模型的方法。 Gradio 4.16.0至6.6.0之前版本存在信任管理问题漏洞，该漏洞源于OAuth组件使用时自动启用模拟OAuth路由，可能导致远程攻击者窃取服务器所有者的HF令牌。

N/A

N/A