CVE Reports

Posted on • Originally published at cvereports.com

CVE-2026-28414: Gradio Path Traversal: Exploiting Python 3.13 Path Semantics on Windows


Vulnerability ID: CVE-2026-28414
CVSS Score: 7.5
Published: 2026-03-01

A high-severity absolute path traversal vulnerability exists in Gradio versions prior to 6.7 when running on Windows with Python 3.13 or newer. The vulnerability arises from a breaking change in Python 3.13's os.path.isabs() implementation, which no longer treats root-relative paths (e.g., /Windows/win.ini) as absolute on Windows. Gradio's path sanitization logic relied on the previous behavior, allowing unauthenticated remote attackers to bypass security checks and read arbitrary files from the host filesystem.

TL;DR

Gradio < 6.7 on Windows (Python 3.13+) allows unauthenticated arbitrary file read. Python 3.13 changed how root-relative paths such as /Windows/win.ini are classified on Windows, and that change bypasses Gradio's traversal protection.


⚠️ Exploit Status: POC

Technical Details

  • CWE ID: CWE-36
  • Attack Vector: Network
  • CVSS Score: 7.5 (High)
  • Impact: Arbitrary File Read
  • Platform: Windows / Python 3.13+
  • Exploit Status: PoC Available

Affected Systems

  • Gradio < 6.7 (fixed in 6.7)

Code Analysis

Commit: 6011b00

Fix path traversal vulnerability by explicitly checking for leading slashes

--- a/gradio/utils.py
+++ b/gradio/utils.py
@@ -1696,6 +1696,7 @@ def safe_join(directory: DeveloperPath, path: UserProvidedPath) -> str:
     if (
         any(sep in filename for sep in _os_alt_seps)
         or os.path.isabs(filename)
+        or filename.startswith("/")
         or filename == ".."
         or filename.startswith("../")
     ):
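Review bot: the added `or filename.startswith("/")` only covers the forward-slash spelling of a rooted path; the backslash form `\Windows\win.ini` is left to the `any(sep in filename for sep in _os_alt_seps)` line above it, so a regression test next to this check should exercise both spellings on Windows, and a one-line comment should name the Python 3.13 `os.path.isabs()` change as the reason the explicit check is needed, since `os.path.isabs(filename)` on the preceding line reads as if it already handled this case and a test run on Python 3.12 passes with or without the new line.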
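To make the isabs() behaviour change and the effect of the patched predicate visible on any host, the following is an added model (not Gradio's code) that runs the check from the hunk against Windows path semantics via the ntpath module; the `_OS_ALT_SEPS` derivation, the `posixpath.normpath` pre-step and the helper names `safe_join`, `escapes_base` and `unpatched_leaks_rooted_path` are assumptions made for this illustration.

```python
"""Model of the safe_join predicate from the 6.7 patch, evaluated with Windows
path rules (ntpath) so the Python 3.13 isabs() change can be seen on any OS."""
import ntpath
import posixpath
import sys
from typing import Optional

# Assumption: the separator list is built the way Werkzeug's safe_join does;
# with Windows separators it contains only the backslash.
_OS_ALT_SEPS = [s for s in (ntpath.sep, ntpath.altsep) if s is not None and s != "/"]


def _rejected(filename: str, patched: bool) -> bool:
    """The predicate shown in the hunk; patched=False is the pre-6.7 form."""
    return (
        any(sep in filename for sep in _OS_ALT_SEPS)
        or ntpath.isabs(filename)  # Python 3.13+: False for "/Windows/win.ini"
        or (patched and filename.startswith("/"))  # line added by commit 6011b00
        or filename == ".."
        or filename.startswith("../")
    )


def safe_join(directory: str, path: str, patched: bool = True) -> Optional[str]:
    """Join a user-supplied path onto a base directory; None means refused."""
    filename = posixpath.normpath(path)  # note: "/../x" collapses to "/x"
    if _rejected(filename, patched):
        return None
    return ntpath.join(directory, filename)  # a rooted path resets to the drive root


def escapes_base(directory: str, joined: str) -> bool:
    """True when the joined path lies outside `directory` (same drive assumed)."""
    base = ntpath.normcase(ntpath.normpath(directory))
    full = ntpath.normcase(ntpath.normpath(joined))
    return ntpath.commonpath([base, full]) != base


def python_is_313_or_newer() -> bool:
    return sys.version_info >= (3, 13)


def unpatched_leaks_rooted_path(base: str = r"C:\app\static") -> bool:
    """Does the pre-6.7 predicate let a rooted path escape the base directory?"""
    joined = safe_join(base, "/Windows/win.ini", patched=False)
    return joined is not None and escapes_base(base, joined)


if __name__ == "__main__":
    base = r"C:\app\static"
    for req in ("logo.png", "../secret.txt", "/Windows/win.ini", r"\Windows\win.ini"):
        print(f"{req!r:20} unpatched={safe_join(base, req, False)!r:26} patched={safe_join(base, req)!r}")
    print("rooted path leaks on this interpreter:", unpatched_leaks_rooted_path())
```

On Python 3.12 the unpatched predicate still refuses /Windows/win.ini because isabs() returns True; on 3.13+ the same input joins to C:/Windows/win.ini unless the added startswith("/") line is present.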

Mitigation Strategies

  • Upgrade Gradio to version 6.7+
  • Downgrade Python runtime to < 3.13
  • Migrate deployment to Linux/Containerized environment

Remediation Steps:

  1. Identify systems running Gradio on Windows with Python 3.13+.
  2. Stop the running Gradio service.
  3. Execute pip install gradio>=6.7.
  4. Restart the service.
  5. Verify the patch by requesting a known system file (e.g., /Windows/win.ini) via the /file= endpoint and confirming that the request is now rejected.

References


Read the full report for CVE-2026-28414 on our website for more details including interactive diagrams and full exploit analysis.
