CVE-2026-28416 | gradio-app gradio up to 6.5.x gr.load server-side request forgery (GHSA-jmh7-g254-2cq9)

A vulnerability categorized as critical has been discovered in gradio-app gradio up to 6.5.x. The affected element is the function gr.load. Executing a manipulation can lead to server-side request forgery.

The identification of this vulnerability is CVE-2026-28416. The attack may be launched remotely. There is no exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More