CVE Catalog

CVE-2026-10783

LowCVSS 2.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.01%

0th percentile — higher than 0% of all known CVEs

Summary

A security flaw has been discovered in gradio-app gradio 6.14.0 in the function save_audio_to_cache of the Audio Cache Key Handler component. Manipulating this function results in the use of a weak hash.

Risk Assessment

The attack must be initiated locally, but its complexity is high, making exploitation difficult. However, an exploit has been released, increasing the risk of attacks.

Recommendation

It is recommended to deploy the patch named 13394 to fix this security issue.

Original NVD description (English source)

A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function save_audio_to_cache of the component Audio Cache Key Handler. Performing a manipulation results in use of weak hash. The attack must be initiated from a local position. The attack is considered to have high complexity. It is indicated that the exploitability is difficult. The exploit has been released to the public and may be used for attacks. The patch is named 13394. To fix this issue, it is recommended to deploy a patch.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS