An issue was discovered in gradio-app/gradio, where the /component_server endpoint improperly allows the invocation of any method on a Component class with attacker-controlled arguments. Specifically, by exploiting the move_resource_to_block_cache() method of the Block class, an attacker can copy any file on the filesystem to a temporary directory and subsequently retrieve it. This vulnerability enables unauthorized local file read access, posing a significant risk especially when the application is exposed to the internet via launch(share=True), thereby allowing remote attackers to read files on the host machine. Furthermore, gradio apps hosted on huggingface.co are also affected, potentially leading to the exposure of sensitive information such as API keys and credentials stored in environment variables.
CVE-2024-1561
Score elevated to 9.0 because EPSS predicts 93% probability of exploitation within the next 30 days (top 0.2% of all CVEs). NVD baseline CVSS 7.5 retained for reference. Confidence: see factors.
- High severity, but no confirmed exploitation yet
No vendor fix yet — apply a workaround or compensating control (WAF / firewall / segmentation) and watch for a patch.
- CVSS v3
- 7.5
- EG Score
- 9.0(high)
- EPSS
- 94.8%
- KEV
- Not listed
Published
April 16, 2024
Last Modified
July 30, 2025
References (6)
- security@huntrhttps://github.com/gradio-app/gradio/commit/24a583688046867ca8b8b02959c441818bdb34a2
- security@huntrhttps://huntr.com/bounties/4acf584e-2fe8-490e-878d-2d9bf2698338
- security@huntrhttps://www.gradio.app/changelog#4-13-0
- af854a3a-2127-422b-91ae-364da2661108https://github.com/gradio-app/gradio/commit/24a583688046867ca8b8b02959c441818bdb34a2
- af854a3a-2127-422b-91ae-364da2661108https://huntr.com/bounties/4acf584e-2fe8-490e-878d-2d9bf2698338
- af854a3a-2127-422b-91ae-364da2661108https://www.gradio.app/changelog#4-13-0
Affected Packages
(1 across 1 ecosystem)
PyPI(1)
| Package | Vulnerable range | Fixed in | Dependents |
|---|---|---|---|
| gradio | 0.1.0 ... 4.9.1 (508 versions) | 4.13.0 | — |
Weakness Classification(1)
MITRE Common Weakness Enumeration — the root-cause categories this CVE belongs to.
Data Freshness Timeline
(refreshed 8× in last 7d / 41× in last 30d)
Each row is a source pipeline that fetched or updated this CVE on that date, with what changed. For example, "NVD update" means NVD published or revised its analysis for this CVE; "MITRE cvelistV5" means we ingested or refreshed it from the CNA feed. Most recent first.
- 2026-07-11 08:26 UTCEPSS rescore
- 2026-07-09 19:09 UTCEPSS rescore
- 2026-07-08 15:13 UTCEPSS rescore
- 2026-07-07 13:45 UTCEPSS rescore
- 2026-07-07 13:45 UTCEPSS rescore
- 2026-07-06 16:26 UTCEPSS rescore
- 2026-07-06 02:22 UTCEPSS rescore
- 2026-07-06 02:22 UTCEPSS rescore
- 2026-07-05 02:29 UTCEPSS rescore
- 2026-07-04 06:30 UTCEPSS rescore
- 2026-07-04 06:30 UTCEPSS rescore
- 2026-07-01 15:05 UTCEPSS rescore
- 2026-06-30 23:21 UTCEPSS rescore
- 2026-06-30 23:21 UTCEPSS rescore
- 2026-06-29 14:05 UTCEPSS rescore
- 2026-06-28 04:55 UTCEPSS rescore
- 2026-06-27 03:07 UTCEPSS rescore
- 2026-06-27 03:07 UTCEPSS rescore
- 2026-06-26 14:39 UTCOSV refresh
- 2026-06-25 13:48 UTCEPSS rescore
- 2026-06-24 14:04 UTCEPSS rescore
- 2026-06-24 14:04 UTCEPSS rescore
- 2026-06-23 21:32 UTCEPSS rescore
- 2026-06-23 21:31 UTCEPSS rescore
- 2026-06-22 14:24 UTCEPSS rescore
Show 22 moreShow fewer
- 2026-06-22 14:24 UTCEPSS rescore
- 2026-06-21 14:55 UTCEPSS rescore
- 2026-06-21 14:55 UTCEPSS rescore
- 2026-06-21 01:58 UTCEPSS rescore
- 2026-06-21 01:58 UTCEPSS rescore
- 2026-06-19 19:24 UTCEPSS rescore
- 2026-06-19 19:24 UTCEPSS rescore
- 2026-06-18 17:51 UTCEPSS rescore
- 2026-06-17 17:52 UTCEPSS rescore
- 2026-06-17 17:51 UTCEPSS rescore
- 2026-06-16 17:51 UTCEPSS rescore
- 2026-06-16 17:51 UTCEPSS rescore
- 2026-06-15 17:47 UTCEPSS rescore
- 2026-06-14 23:16 UTCEPSS rescore
- 2026-06-12 23:11 UTCEPSS rescore
- 2026-06-12 23:11 UTCEPSS rescore
- 2026-06-08 21:11 UTCOSV refresh
- 2026-06-05 22:46 UTCEPSS rescore
- 2026-06-05 22:46 UTCEPSS rescore
- 2026-06-01 13:51 UTCEPSS rescore
- 2026-06-01 13:51 UTCEPSS rescore
- 2026-05-24 04:29 UTCEG score recompute
Publicly available exploits
(3 references)Working exploit code is in the public domain (2 GitHub PoCs). Defenders should treat patch urgency accordingly — public PoCs typically lead to mass-exploitation within 24-72 hours.
- GitHub PoCDiabloHTB/Nuclei-Template-CVE-2024-1561First seen May 12, 2024
Nuclei Templates
Open source ↗ - GitHub PoCDiabloHTB/CVE-2024-1561First seen May 11, 2024
Poc for CVE-2024-1561 affecting Gradio 4.12.0
Open source ↗ - Nucleihttp/cves/2024/CVE-2024-1561.yamlFirst seen Jan 1, 2024
Gradio 4.3-4.12 - Local File Read
Open source ↗
Frequently asked(5)
What is CVE-2024-1561?
When was CVE-2024-1561 disclosed?
Is CVE-2024-1561 actively exploited?
What is the CVSS score of CVE-2024-1561?
How do I remediate CVE-2024-1561?
Dependency Blast Radius
See which npm, PyPI, Go, and Maven packages are affected by CVE-2024-1561
Is Your Infrastructure Affected by CVE-2024-1561?
EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.