Gradio 5 security audit mitigates CORS, SSRF, RCE risks in Gradio API Server and Spaces deployments
AI Impact Summary
Gradio 5 includes a preemptive security audit by Trail of Bits and incorporates mitigations for a wide range of risks across local, Hugging Face Spaces, and share-link deployments. Major findings include CORS misconfigurations that could expose tokens, GET-based SSRF enabling access to internal endpoints, arbitrary file uploads that could host XSS payloads, race conditions that redirect user traffic, and a misconfigured nginx-driven Docker API exposing RCE via the unauthenticated API. All fixes are included in the Gradio 5.0 release and validated by Trail of Bits, so apps built with Gradio 5 benefit from safer defaults without significant code changes. Ongoing risk remains around deployment configurations and CI pipelines (GitHub Actions), as well as Frp-based tunneling and Docker exposure in hosted setups.
Affected Systems
- Date: not specified
- Change type: capability
- Severity: info