CVE-2024-10648: A path traversal vulnerability exists in the Gradio Audio component of gradio-app/gradio, as of version git 98cbcae. Thi
Summary
CVE-2024-10648 is a path traversal vulnerability (a flaw where an attacker manipulates file paths to access unintended files) in Gradio's Audio component that lets attackers control audio file formats and delete file contents, potentially causing a denial of service (a situation where a system becomes unavailable to legitimate users). By changing the output format, an attacker can empty any file on the server.
Vulnerability Details
EPSS: 0.2%
Classification
Taxonomy References
Affected Vendors
Related Issues
CVE-2024-37052: Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.1.0 or newer, enabling
CVE-2026-26190: Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus expose
Original source: https://nvd.nist.gov/vuln/detail/CVE-2024-10648
First tracked: February 15, 2026 at 08:47 PM
Classified by LLM (prompt v3) · confidence: 85%