{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T01:31:02.391","vulnerabilities":[{"cve":{"id":"CVE-2026-28415","sourceIdentifier":"security-advisories@github.com","published":"2026-02-27T22:16:24.497","lastModified":"2026-03-05T13:06:31.743","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, the _redirect_to_target() function in Gradio's OAuth flow accepts an unvalidated _target_url query parameter, allowing redirection to arbitrary external URLs. This affects the /logout and /login/callback endpoints on Gradio apps with OAuth enabled (i.e. apps running on Hugging Face Spaces with gr.LoginButton). Starting in version 6.6.0, the _target_url parameter is sanitized to only use the path, query, and fragment, stripping any scheme or host."},{"lang":"es","value":"Gradio es un paquete Python de código abierto diseñado para la creación rápida de prototipos. Antes de la versión 6.6.0, la función _redirect_to_target() en el flujo OAuth de Gradio acepta un parámetro de consulta _target_url no validado, lo que permite la redirección a URL externas arbitrarias. Esto afecta a los endpoints /logout y /login/callback en aplicaciones Gradio con OAuth habilitado (es decir, aplicaciones que se ejecutan en Hugging Face Spaces con gr.LoginButton). A partir de la versión 6.6.0, el parámetro _target_url se sanea para usar solo la ruta, la consulta y el fragmento, eliminando cualquier esquema o host."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-200"},{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-330"},{"lang":"en","value":"CWE-601"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gradio_project:gradio:*:*:*:*:*:python:*:*","versionEndExcluding":"6.6.0","matchCriteriaId":"59BB794F-B63D-4D86-B0F0-E60AF9017444"}]}]}],"references":[{"url":"https://github.com/gradio-app/gradio/security/advisories/GHSA-pfjf-5gxr-995x","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}