CVE-2026-48545 — Gradio before version 6.15.0 contains a cookie injection vulnerability that allows remote attackers to perform cross-Space session fixati... · QSearch CVE Watch

Severity and scoring

CVSS: 6.8 MEDIUM
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
CWE: CWE-384

Affected products

Vendor	Product
gradio_project	gradio

Description

Gradio before version 6.15.0 contains a cookie injection vulnerability that allows remote attackers to perform cross-Space session fixation by exploiting a shared module-level HTTP client used across all users in the reverse proxy endpoint. Attackers controlling any HF Space can return a parent-domain cookie that the shared client stores and automatically replays into all subsequent proxy requests to other legitimate Spaces, affecting all users of the same Gradio deployment.

Source: NVD

References

Related CVEs

Same vendor

CVE-2026-10783 — A security flaw has been discovered in gradio-app gradio 6.14.0 (2.5 LOW)

Same CWE

CVE-2009-10007 — Catalyst::Plugin::Authentication versions before 0.10_027 for Perl is susceptible to session fixation attacks (9.1 CRITICAL)
CVE-2026-41839 — A WebFlux application with a compromised subdomain (for example, compromised via cross-site scripting (XSS)) is vulnerable to an escalati... (4.2 MEDIUM)
CVE-2026-11335 — A flaw has been found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500e... (6.3 MEDIUM)
CVE-2025-67446 — Improper Authentication (Authentication Bypass) exists in Neterbit NW-431F Router 20241014-IR03 and before (9.8 CRITICAL)
CVE-2026-33384 — QuickCMS allows a user's session identifier to be set before authentication