Gradio 6.16.0 Patches Path Traversal, OAuth, and SSRF

Gradio 6.16.0 patches three security vulnerabilities: path traversal in gr.FileExplorer, an open-redirect bypass in OAuth, and SSRF in Image/Gallery/Audio post-processing. Upgrade immediately.

1 min read|agenticonsult Intelligence

Gradio 6.16.0 Patches Path Traversal, OAuth, and SSRF

Gradio has released version 6.16.0 with patches for three security vulnerabilities: a path traversal flaw in gr.FileExplorer, an open-redirect bypass in the OAuth flow, and Server-Side Request Forgery in Image, Gallery, and Audio component post-processing. The release also adds a configurable GRADIO_HEARTBEAT_INTERVAL environment variable and an improved MCP browser landing page.

Why It Matters

Gradio is widely deployed in ML demos, research interfaces, and production AI UIs. Path traversal and SSRF vulnerabilities in shared multi-user environments represent meaningful attack surface — any public-facing Gradio deployment should upgrade immediately.

Primary source

Gradio

#security #open-source

Discuss onLinkedIn X

This breaking-news item was assembled from the cited primary source with AI assistance. It is intended for rapid situational awareness — refer to the original publication for the definitive statement.

View all live intel

Live Intel Feed

10:09 AMLindy Switches 100% of Traffic to DeepSeek v4, Leaves Anthropic 10:09 AMLlamaIndex CEO: Framework Era Is Over, Pivots to Managed Infra 10:09 AMNVIDIA RTX Spark: 128GB Unified Memory for On-Device AI