A newly discovered vulnerability in Streamlit enables cybercriminals to execute cloud account takeover attacks.
A critical vulnerability in Streamlit, a widely used open-source framework for building data applications, has been identified, enabling attackers to execute cloud account takeover attacks. Discovered in February 2025, the flaw lies in Streamlit’s st.file_uploader component: its file type restrictions can be bypassed, allowing attackers to gain unauthorised access to cloud instances running Streamlit applications. The vulnerability highlights how a seemingly minor component can pose a significant security risk, especially when deployed in a misconfigured cloud environment. Its implications are severe, as it could lead to financial data tampering and unauthorised access to sensitive information.
The vulnerability stems from improper file type enforcement in Streamlit’s file upload widget: restrictions were applied only client-side, in JavaScript, with no server-side validation. Security researchers demonstrated that attackers could use proxy tools like Burp Suite to intercept upload requests and modify file extensions in transit, bypassing the frontend restrictions entirely. The attack chain involves uploading malicious files disguised as legitimate ones, such as renaming a malicious .exe file so that it appears to be a PDF. This could escalate to directory traversal attacks, allowing threat actors to overwrite critical system files with their SSH public keys and gain passwordless remote access to compromised cloud instances. The potential consequences for financial institutions are alarming: a compromised instance could manipulate data ingestion, leading to undetected market manipulation and triggering cascading effects in automated trading systems. Streamlit has acknowledged the vulnerability and released a patch in version 1.43.2 to address the issue.
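The missing piece in the attack chain above is validation that runs on the server rather than in the browser. The following is an added example, not Streamlit’s own code or its patch: it treats the client-supplied filename and the browser-side type filter as untrusted, and checks the extension allowlist, the file’s content signature and the path on the server. The `accept_uploaded` helper, the allowlist and the magic-byte table are assumptions for illustration.

```python
import os
import re
from typing import Optional

# Constructed allowlist of content signatures (magic bytes) for the file
# types this hypothetical app accepts. Extend as the application requires.
MAGIC = {
    "pdf": b"%PDF-",
    "png": b"\x89PNG\r\n\x1a\n",
}

# Conservative basename: no separators, no leading dot, bounded length.
SAFE_NAME = re.compile(r"^[A-Za-z0-9_-][A-Za-z0-9._-]{0,63}$")


def validate_upload(name: str, data: bytes, allowed=("pdf", "png")) -> Optional[str]:
    """Return a safe basename if the upload passes server-side checks, else None.

    None of these checks rely on the browser:
      1. the filename is a plain basename with no traversal sequences
      2. the extension is on the server-side allowlist
      3. the content starts with the magic bytes for the claimed type
    """
    # 1. Never trust a client-supplied path; a renamed "../../x.pdf" fails here.
    base = os.path.basename(name.replace("\\", "/"))
    if base != name or ".." in base or not SAFE_NAME.match(base):
        return None
    # 2. Extension allowlist, evaluated on the server, not in JavaScript.
    ext = base.rsplit(".", 1)[-1].lower() if "." in base else ""
    if ext not in allowed or ext not in MAGIC:
        return None
    # 3. Content must match the claimed type; an .exe renamed to .pdf still
    #    begins with b"MZ", not b"%PDF-", and is rejected.
    if not data.startswith(MAGIC[ext]):
        return None
    return base


def accept_uploaded(uploaded) -> Optional[str]:
    """Apply the checks to the object returned by st.file_uploader, which
    exposes .name and .getvalue(). The browser-side type filter described
    in the article is not a substitute for this check (hypothetical helper)."""
    return validate_upload(uploaded.name, uploaded.getvalue())
```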