CVE-2026-10783
published 2026-06-04CVE-2026-10783: A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function save_audio_to_cache of the component Audio Cache Key Handler…
PriorityP410low2.5CVSS 3.1
AVLACHPRLUINSUCLINAN
EPSS
0.11%
1.3th percentile
A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function save_audio_to_cache of the component Audio Cache Key Handler. Performing a manipulation results in use of weak hash. The attack must be initiated from a local position. The attack is considered to have high complexity. It is indicated that the exploitability is difficult. The exploit has been released to the public and may be used for attacks. The patch is named 13394. To fix this issue, it is recommended to deploy a patch.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gradio-app | gradio | — | — |
| gradio_project | gradio | — | — |
CVSS provenance
nvdv3.12.5LOWCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
nvdv4.01.1LOWCVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
nvdv2.01.0LOWAV:L/AC:H/Au:S/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
A security flaw has been discovered in gradio-app gradio 6.14.0.
ghsa_unreviewed·2026-06-04
CVE-2026-10783 [LOW] CWE-327 A security flaw has been discovered in gradio-app gradio 6.14.0.
A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function save_audio_to_cache of the component Audio Cache Key Handler. Performing a manipulation results in use of weak hash. The attack must be initiated from a local position. The attack is considered to have high complexity. It is indicated that the exploitability is difficult. The exploit has been released to the public and may be used for attacks. The patch is named 13394. To fix this issue, it is recommended to deploy a patch.
VulDB
gradio-app gradio 6.14.0 Audio Cache Key save_audio_to_cache weak hash (Issue 13395 / ID 13394)
vuldb·2026-06-03·CVSS 1.1
CVE-2026-10783 [LOW] gradio-app gradio 6.14.0 Audio Cache Key save_audio_to_cache weak hash (Issue 13395 / ID 13394)
A vulnerability identified as problematic has been detected in gradio-app gradio 6.14.0. This affects the function save_audio_to_cache of the component Audio Cache Key Handler. Performing a manipulation results in use of weak hash.
This vulnerability is cataloged as CVE-2026-10783. The attack must be initiated from a local position. Furthermore, there is an exploit available.
To fix this issue, it is recommended to deploy a patch.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-06-04
Published