CVE-2026-10783

Source
https://cve.org/CVERecord?id=CVE-2026-10783
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-10783.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-10783
Aliases
Published
2026-06-03T23:30:12.545Z
Modified
2026-07-08T07:01:35.944548528Z
Severity
  • 1.1 (Low) CVSS_V4 - CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P CVSS Calculator
Summary
gradio-app gradio Audio Cache Key save_audio_to_cache weak hash
Details

A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function saveaudioto_cache of the component Audio Cache Key Handler. Performing a manipulation results in use of weak hash. The attack must be initiated from a local position. The attack is considered to have high complexity. It is indicated that the exploitability is difficult. The exploit has been released to the public and may be used for attacks. The patch is named 13394. To fix this issue, it is recommended to deploy a patch.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/10xxx/CVE-2026-10783.json",
    "cna_assigner": "VulDB",
    "cwe_ids": [
        "CWE-327",
        "CWE-328"
    ]
}
References

Affected packages

Git / github.com/gradio-app/gradio

Affected ranges

Type
GIT
Repo
https://github.com/gradio-app/gradio
Events
Database specific
{
    "source": [
        "AFFECTED_FIELD",
        "CPE_STRING"
    ],
    "cpe": "cpe:2.3:a:gradio_project:gradio:6.14.0:*:*:*:*:python:*:*",
    "extracted_events": [
        {
            "introduced": "6.14.0"
        },
        {
            "last_affected": "6.14.0"
        }
    ]
}

Affected versions

6.*
6.14.0
@gradio/dialogue@0.*
@gradio/dialogue@0.3.9
@gradio/gallery@0.*
@gradio/gallery@0.17.8
@gradio/model3d@0.*
@gradio/model3d@0.17.0
gradio@6.*
gradio@6.14.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-10783.json"