Look up vulnerable packages by Package URL (purl).
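The lookup below reports, for one purl, every vulnerability the package is affected by, the scores each reference carries, and the versions that fix each one. Two things in the response are easy to misread: a `fixed_packages` entry only fixes *that* vulnerability (on this page, every listed fix version is itself `is_vulnerable true` because of other entries), and the same CVSS value is repeated under several references while the EPSS percentile sits in `scoring_elements`. The summariser below is an added example, not VulnerableCode's own client code; it assumes the JSON form of the lookup carries the same field names rendered on this page and runs offline on a constructed, trimmed copy of this response using the same identifiers.

```python
"""Summarise a VulnerableCode package-lookup response.

Added example; this is not VulnerableCode's own client code.  It assumes the
JSON form of the lookup carries the same field names rendered on this page
and works offline on a constructed, trimmed copy of that response so the
logic can be exercised without network access.
"""
import json

# Constructed sample: a subset of the response on this page, same identifiers.
SAMPLE_RESPONSE = json.loads(r"""{
 "purl": "pkg:pypi/mlflow@2.21.2", "is_vulnerable": true,
 "next_non_vulnerable_version": "3.11.0", "latest_non_vulnerable_version": "3.11.1",
 "affected_by_vulnerabilities": [
  {"vulnerability_id": "VCID-1rkq-1ed6-fkd8",
   "aliases": ["CVE-2025-15381", "GHSA-g6pg-52vf-843h"],
   "references": [
    {"reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15381",
     "scores": [{"value": "8.1", "scoring_system": "cvssv3.1",
                 "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}]},
    {"reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-15381",
     "scores": [{"value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02257"}]}],
   "fixed_packages": [{"purl": "pkg:pypi/mlflow@3.9.0rc0", "is_vulnerable": true}]},
  {"vulnerability_id": "VCID-5a75-gxh6-5bak",
   "aliases": ["CVE-2026-2033", "GHSA-q2r8-vmq7-fpx2"],
   "references": [
    {"reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2033",
     "scores": [{"value": "8.1", "scoring_system": "cvssv3.1",
                 "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}]},
    {"reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2033",
     "scores": [{"value": "0.18428", "scoring_system": "epss", "scoring_elements": "0.95369"}]}],
   "fixed_packages": [{"purl": "pkg:pypi/mlflow@3.8.0rc0", "is_vulnerable": true}]}
 ]}""")

CVSS_SYSTEMS = ("cvssv4", "cvssv3.1", "cvssv3", "cvssv2")


def max_cvss(vuln):
    """Highest numeric CVSS value across every reference of one vulnerability
    (references repeat the same score; textual ratings like HIGH are skipped)."""
    best = None
    for ref in vuln.get("references", []):
        for score in ref.get("scores", []):
            if score.get("scoring_system") not in CVSS_SYSTEMS:
                continue
            try:
                value = float(score["value"])
            except (KeyError, TypeError, ValueError):
                continue
            best = value if best is None else max(best, value)
    return best


def epss(vuln):
    """(probability, percentile) from the EPSS reference, or None.
    As rendered on this page, the percentile is carried in scoring_elements."""
    for ref in vuln.get("references", []):
        for score in ref.get("scores", []):
            if score.get("scoring_system") == "epss":
                return float(score["value"]), float(score["scoring_elements"])
    return None


def cve_alias(vuln):
    """Prefer the CVE alias for reporting; fall back to the VCID."""
    return next((a for a in vuln.get("aliases", []) if a.startswith("CVE-")),
                vuln["vulnerability_id"])


def summarise(response):
    """One row per vulnerability, most likely-to-be-exploited first."""
    rows = []
    for vuln in response.get("affected_by_vulnerabilities", []):
        prob = epss(vuln)
        # A fixed_packages entry only fixes *this* vulnerability.  Its own
        # is_vulnerable flag says whether that version is clean overall.
        clean = [fp["purl"] for fp in vuln.get("fixed_packages", [])
                 if not fp.get("is_vulnerable")]
        rows.append({"vcid": vuln["vulnerability_id"], "cve": cve_alias(vuln),
                     "cvss": max_cvss(vuln),
                     "epss": prob[0] if prob else None,
                     "epss_percentile": prob[1] if prob else None,
                     "clean_fix_versions": clean})
    rows.sort(key=lambda r: (-(r["epss"] or 0.0), -(r["cvss"] or 0.0)))
    return rows


def upgrade_target(response):
    """Version to pin: the nearest one the service reports no vulnerability
    for, rather than any per-CVE fixed_packages version."""
    if not response.get("is_vulnerable"):
        return None
    return response.get("next_non_vulnerable_version")


if __name__ == "__main__":
    for row in summarise(SAMPLE_RESPONSE):
        print(row)
    print("pin to:", upgrade_target(SAMPLE_RESPONSE))
```

Sorting by EPSS before CVSS is a deliberate choice: both traversal CVEs and the auth bypass on this page carry the same 8.1 base score, but their EPSS values differ by three orders of magnitude, which is the more useful ordering for a patch queue. The pin recommendation comes from `next_non_vulnerable_version`, not from any individual fix version.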

Purl pkg:pypi/mlflow@2.21.2
Type pypi
Namespace
Name mlflow
Version 2.21.2
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 3.11.0
Latest_non_vulnerable_version 3.11.1
Affected_by_vulnerabilities
0
url VCID-1rkq-1ed6-fkd8
vulnerability_id VCID-1rkq-1ed6-fkd8
summary mlflow/mlflow: Information disclosure and unauthorized data modification via unprotected tracing and assessment endpoints
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15381.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15381.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-15381
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02257
published_at 2026-06-06T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.0225
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-15381
2
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
3
reference_url https://github.com/mlflow/mlflow/blob/b569ebc74c14af593c326143bee2df44a5d59edf/mlflow/server/auth/__init__.py#L752
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/blob/b569ebc74c14af593c326143bee2df44a5d59edf/mlflow/server/auth/__init__.py#L752
4
reference_url https://huntr.com/bounties/149fb2f9-ef4b-4136-a25c-20563451904c
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-27T16:58:49Z/
url https://huntr.com/bounties/149fb2f9-ef4b-4136-a25c-20563451904c
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-15381
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-15381
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2452341
reference_id 2452341
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2452341
7
reference_url https://github.com/advisories/GHSA-g6pg-52vf-843h
reference_id GHSA-g6pg-52vf-843h
reference_type
scores
url https://github.com/advisories/GHSA-g6pg-52vf-843h
fixed_packages
0
url pkg:pypi/mlflow@3.9.0rc0
purl pkg:pypi/mlflow@3.9.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-57gp-hzcs-nubp
1
vulnerability VCID-cu1t-7wnm-y7hk
2
vulnerability VCID-g9p5-4cqv-qfew
3
vulnerability VCID-hu7e-n16j-rubw
4
vulnerability VCID-wp3u-ssnj-tyh8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.9.0rc0
aliases CVE-2025-15381, GHSA-g6pg-52vf-843h
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1rkq-1ed6-fkd8
1
url VCID-2p2m-e3dw-kuhs
vulnerability_id VCID-2p2m-e3dw-kuhs
summary
mlflow Creates of Temporary File in Directory with Insecure Permissions
In mlflow version 2.20.3, the temporary directory used for creating Python virtual environments is assigned insecure world-writable permissions (0o777). This vulnerability allows an attacker with write access to the `/tmp` directory to exploit a race condition and overwrite `.py` files in the virtual environment, leading to arbitrary code execution. The issue is resolved in version 3.4.0.
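The advisory above describes a directory that is created in a shared location and then chmod'ed to 0o777, which lets any local user replace files under it before they are executed. The following added example (not mlflow's code; function names are hypothetical, POSIX only) puts that pattern beside the hardened form, which uses `tempfile.mkdtemp` to create an unpredictably named directory with mode 0o700, and adds a small audit that walks a tree and reports world-writable, non-sticky directories.

```python
"""Private staging directory vs. a world-writable one (POSIX).

Added example, not mlflow's code.  `create_env_dir_insecure` reproduces the
pattern the advisory describes (a predictable directory chmod'ed to 0o777);
`create_env_dir` is the hardened form; `world_writable_dirs` is a check an
auditor can run over a tree.  Function names are hypothetical.
"""
from __future__ import annotations

import os
import stat
import tempfile
from pathlib import Path


def create_env_dir_insecure(base: str, name: str = "mlflow-env") -> Path:
    """Anti-pattern: predictable name, mode 0o777.  Any local user can replace
    the .py files under it between creation and use (a TOCTOU race)."""
    path = Path(base) / name
    path.mkdir(parents=True, exist_ok=True)
    os.chmod(path, 0o777)          # chmod ignores umask, so this really is 0o777
    return path


def create_env_dir(base: str | None = None, prefix: str = "mlflow-env-") -> Path:
    """Hardened: unpredictable name, created atomically with mode 0o700, so only
    the owning user can create, rename or delete entries inside it."""
    path = Path(tempfile.mkdtemp(prefix=prefix, dir=base))
    mode = stat.S_IMODE(path.stat().st_mode)
    if mode & (stat.S_IWGRP | stat.S_IWOTH):   # verify rather than trust
        raise PermissionError(f"{path} is group/world writable: {oct(mode)}")
    return path


def world_writable_dirs(root: str) -> list[str]:
    """Directories under root that any user may write into.  Sticky-bit dirs
    (like /tmp itself) are excluded: there only an entry's owner can remove
    or rename it, which is what the advisory's overwrite needs to avoid."""
    hits = []
    for dirpath, _dirnames, _files in os.walk(root):
        mode = stat.S_IMODE(os.lstat(dirpath).st_mode)
        if mode & stat.S_IWOTH and not mode & stat.S_ISVTX:
            hits.append(dirpath)
    return sorted(hits)


def demo() -> dict:
    """Create both kinds of directory under a scratch root and audit it."""
    with tempfile.TemporaryDirectory() as base:
        bad = create_env_dir_insecure(base)
        good = create_env_dir(base)
        return {
            "insecure_mode": oct(stat.S_IMODE(bad.stat().st_mode)),
            "secure_mode": oct(stat.S_IMODE(good.stat().st_mode)),
            "flagged": [os.path.basename(p) for p in world_writable_dirs(base)],
        }


if __name__ == "__main__":
    print(demo())
```

The check in `create_env_dir` is there on purpose: a hardening change that relies on a library default should verify the resulting mode, because a later refactor (or a different `tempfile` backend) can silently change it.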
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-10279
reference_id
reference_type
scores
0
value 7e-05
scoring_system epss
scoring_elements 0.00687
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-10279
1
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
2
reference_url https://github.com/mlflow/mlflow/commit/1d7c8d4cf0a67d407499a8a4ffac387ea4f8194a
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-02-02T17:48:06Z/
url https://github.com/mlflow/mlflow/commit/1d7c8d4cf0a67d407499a8a4ffac387ea4f8194a
3
reference_url https://huntr.com/bounties/01d3b81e-13d1-43aa-b91a-443aec68bdc8
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-02-02T17:48:06Z/
url https://huntr.com/bounties/01d3b81e-13d1-43aa-b91a-443aec68bdc8
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-10279
reference_id CVE-2025-10279
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-10279
5
reference_url https://github.com/advisories/GHSA-4x5p-f36r-mxxr
reference_id GHSA-4x5p-f36r-mxxr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4x5p-f36r-mxxr
fixed_packages
0
url pkg:pypi/mlflow@3.4.0rc0
purl pkg:pypi/mlflow@3.4.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rkq-1ed6-fkd8
1
vulnerability VCID-57gp-hzcs-nubp
2
vulnerability VCID-5a75-gxh6-5bak
3
vulnerability VCID-cu1t-7wnm-y7hk
4
vulnerability VCID-g9p5-4cqv-qfew
5
vulnerability VCID-hu7e-n16j-rubw
6
vulnerability VCID-nzpp-uvn2-97dn
7
vulnerability VCID-rkbn-tn99-rucq
8
vulnerability VCID-shfs-2f4g-13dm
9
vulnerability VCID-tbbj-9qan-ubgg
10
vulnerability VCID-twnx-dt83-nuf3
11
vulnerability VCID-v436-quyu-1kav
12
vulnerability VCID-wp3u-ssnj-tyh8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.4.0rc0
aliases CVE-2025-10279, GHSA-4x5p-f36r-mxxr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2p2m-e3dw-kuhs
2
url VCID-57gp-hzcs-nubp
vulnerability_id VCID-57gp-hzcs-nubp
summary A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digest_utils of the file mlflow/data/digest_utils.py of the component Dataset Digest Computation. This manipulation causes use of weak hash. It is possible to launch the attack on the local host. The attack is considered to have high complexity. The exploitability is assessed as difficult. The exploit has been published and may be used. The project was informed of the problem early through a pull request but has not reacted yet.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-10803
reference_id
reference_type
scores
0
value 9e-05
scoring_system epss
scoring_elements 0.0098
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-10803
1
reference_url https://github.com/mlflow/mlflow/
reference_id
reference_type
scores
0
value 2.4
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR
1
value 3.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
2
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
3
value 1.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
4
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-04T12:55:46Z/
url https://github.com/mlflow/mlflow/
2
reference_url https://github.com/mlflow/mlflow/issues/22419
reference_id
reference_type
scores
0
value 2.4
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR
1
value 3.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
2
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
3
value 1.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
4
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-04T12:55:46Z/
url https://github.com/mlflow/mlflow/issues/22419
3
reference_url https://github.com/mlflow/mlflow/pull/22420
reference_id
reference_type
scores
0
value 2.4
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR
1
value 3.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
2
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
3
value 1.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
4
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-04T12:55:46Z/
url https://github.com/mlflow/mlflow/pull/22420
4
reference_url https://vuldb.com/cve/CVE-2026-10803
reference_id
reference_type
scores
0
value 2.4
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR
1
value 3.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
2
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
3
value 1.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
4
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-04T12:55:46Z/
url https://vuldb.com/cve/CVE-2026-10803
5
reference_url https://vuldb.com/submit/831462
reference_id
reference_type
scores
0
value 2.4
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR
1
value 3.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
2
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
3
value 1.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
4
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-04T12:55:46Z/
url https://vuldb.com/submit/831462
6
reference_url https://vuldb.com/vuln/368252
reference_id
reference_type
scores
0
value 2.4
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR
1
value 3.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
2
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
3
value 1.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
4
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-04T12:55:46Z/
url https://vuldb.com/vuln/368252
7
reference_url https://vuldb.com/vuln/368252/cti
reference_id
reference_type
scores
0
value 2.4
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR
1
value 3.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
2
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
3
value 1.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
4
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-04T12:55:46Z/
url https://vuldb.com/vuln/368252/cti
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mlflow:mlflow:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mlflow:mlflow:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mlflow:mlflow:*:*:*:*:*:*:*:*
fixed_packages
0
url pkg:pypi/mlflow@3.10.1
purl pkg:pypi/mlflow@3.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cu1t-7wnm-y7hk
1
vulnerability VCID-g9p5-4cqv-qfew
2
vulnerability VCID-hu7e-n16j-rubw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.10.1
aliases BIT-mlflow-2026-10803, CVE-2026-10803, PYSEC-2026-195
risk_score 1.6
exploitability 0.5
weighted_severity 3.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-57gp-hzcs-nubp
3
url VCID-5a75-gxh6-5bak
vulnerability_id VCID-5a75-gxh6-5bak
summary
MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the handling of artifact file paths. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the service account.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2033.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2033.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2033
reference_id
reference_type
scores
0
value 0.18428
scoring_system epss
scoring_elements 0.95369
published_at 2026-06-06T12:55:00Z
1
value 0.18428
scoring_system epss
scoring_elements 0.95367
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2033
2
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
3
reference_url https://github.com/mlflow/mlflow/commit/5bf2ec2bd4222a18d78631183ac7f6b752afe8a4
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/commit/5bf2ec2bd4222a18d78631183ac7f6b752afe8a4
4
reference_url https://github.com/mlflow/mlflow/pull/19260
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:54Z/
url https://github.com/mlflow/mlflow/pull/19260
5
reference_url https://github.com/mlflow/mlflow/releases/tag/v3.8.0rc0
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/releases/tag/v3.8.0rc0
6
reference_url https://www.zerodayinitiative.com/advisories/ZDI-26-105
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.zerodayinitiative.com/advisories/ZDI-26-105
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2441508
reference_id 2441508
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2441508
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-2033
reference_id CVE-2026-2033
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-2033
9
reference_url https://github.com/advisories/GHSA-q2r8-vmq7-fpx2
reference_id GHSA-q2r8-vmq7-fpx2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q2r8-vmq7-fpx2
10
reference_url https://www.zerodayinitiative.com/advisories/ZDI-26-105/
reference_id ZDI-26-105
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:54Z/
url https://www.zerodayinitiative.com/advisories/ZDI-26-105/
fixed_packages
0
url pkg:pypi/mlflow@3.8.0rc0
purl pkg:pypi/mlflow@3.8.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rkq-1ed6-fkd8
1
vulnerability VCID-57gp-hzcs-nubp
2
vulnerability VCID-cu1t-7wnm-y7hk
3
vulnerability VCID-g9p5-4cqv-qfew
4
vulnerability VCID-hu7e-n16j-rubw
5
vulnerability VCID-nzpp-uvn2-97dn
6
vulnerability VCID-shfs-2f4g-13dm
7
vulnerability VCID-v436-quyu-1kav
8
vulnerability VCID-wp3u-ssnj-tyh8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.8.0rc0
aliases CVE-2026-2033, GHSA-q2r8-vmq7-fpx2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5a75-gxh6-5bak
4
url VCID-b5eg-nt7k-z7fw
vulnerability_id VCID-b5eg-nt7k-z7fw
summary
MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the handling of model file paths. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-26921.
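The two directory-traversal advisories on this page (the artifact handler, CVE-2026-2033, and model creation, CVE-2025-11201) share one root cause: a user-supplied path is joined onto the store root and used in file operations without confirming it still points inside the root. The following added example (not mlflow's code; names are hypothetical, POSIX paths only) shows the unchecked join beside a validator that rejects absolute paths and `..`, normalises `.` and repeated separators, and then resolves symlinks and re-checks containment, which the lexical check alone cannot do.

```python
"""Containing a user-supplied artifact or model path inside a store root.

Added example, not mlflow's code.  `unsafe_join` is the pattern both ZDI
advisories describe (a user path joined onto the root without validation);
`safe_join` is the hardened form; `demo` runs both on constructed inputs,
including a planted symlink.  POSIX paths only; names are hypothetical.
"""
import os
import tempfile
from pathlib import Path, PurePosixPath


class PathEscape(ValueError):
    """Raised when a requested path would leave the artifact root."""


def unsafe_join(root: str, user_path: str) -> str:
    # os.path.join drops root entirely when user_path is absolute, and leaves
    # ".." in place, so "/etc/passwd" and "../x" both end up outside root.
    return os.path.join(root, user_path)


def safe_join(root: str, user_path: str) -> Path:
    """Return root/user_path only if it stays inside root after normalising
    '.', '..', repeated separators and symlinks; otherwise raise PathEscape."""
    if not user_path or "\x00" in user_path:
        raise PathEscape("empty path or NUL byte")
    rel = PurePosixPath(user_path.replace("\\", "/"))
    if rel.is_absolute() or ".." in rel.parts:
        raise PathEscape(f"rejected {user_path!r}")
    root_real = Path(root).resolve(strict=True)
    # Lexically we are now inside root; resolving symlinks may still escape.
    real = root_real.joinpath(*rel.parts).resolve()
    if real != root_real and root_real not in real.parents:
        raise PathEscape(f"{user_path!r} escapes {root} via symlink")
    return real


def demo() -> dict:
    """Exercise both joins on constructed input inside a scratch store."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp, "artifacts")
        (root / "exp1").mkdir(parents=True)
        (root / "exp1" / "model.pkl").write_bytes(b"constructed")
        secret = Path(tmp, "secret.txt")
        secret.write_text("outside the store")
        os.symlink(secret, root / "link")      # attacker-planted symlink
        root_real = root.resolve()

        results = {}
        for p in ("exp1/model.pkl", "exp1//./model.pkl", "../secret.txt",
                  "/etc/passwd", "exp1/../../secret.txt", "link"):
            try:
                results[p] = str(safe_join(str(root), p).relative_to(root_real))
            except PathEscape:
                results[p] = "REJECTED"
        # The unchecked join yields a path outside the store for the same input.
        naive = os.path.normpath(unsafe_join(str(root), "../secret.txt"))
        results["unsafe_stays_inside"] = naive.startswith(str(root) + os.sep)
        return results


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k!r}: {v}")
```

The symlink case is the one most validators miss: `link` passes every string check, and only resolving it reveals that it points outside the store. Applying the same `safe_join` to both the read (artifact download) and write (model creation) paths is what turns a traversal into an error instead of code execution as the service account.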
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-11201
reference_id
reference_type
scores
0
value 0.17936
scoring_system epss
scoring_elements 0.95282
published_at 2026-06-06T12:55:00Z
1
value 0.17936
scoring_system epss
scoring_elements 0.9528
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-11201
1
reference_url https://github.com/B-Step62/mlflow/commit/2e02bc7bb70df243e6eb792689d9b8eba0013161
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:31Z/
url https://github.com/B-Step62/mlflow/commit/2e02bc7bb70df243e6eb792689d9b8eba0013161
2
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
3
reference_url https://github.com/mlflow/mlflow/commit/5f98ff98659dddb188591ecf6b10a4e276a0dba7
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/commit/5f98ff98659dddb188591ecf6b10a4e276a0dba7
4
reference_url https://github.com/mlflow/mlflow/commit/e7dc0574fa3459e0003cfeb68d4e4a625491f03d
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/commit/e7dc0574fa3459e0003cfeb68d4e4a625491f03d
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-25-931
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.zerodayinitiative.com/advisories/ZDI-25-931
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-11201
reference_id CVE-2025-11201
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-11201
7
reference_url https://github.com/advisories/GHSA-5cvj-7rg6-jggj
reference_id GHSA-5cvj-7rg6-jggj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5cvj-7rg6-jggj
8
reference_url https://www.zerodayinitiative.com/advisories/ZDI-25-931/
reference_id ZDI-25-931
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:31Z/
url https://www.zerodayinitiative.com/advisories/ZDI-25-931/
fixed_packages
0
url pkg:pypi/mlflow@2.22.4
purl pkg:pypi/mlflow@2.22.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rkq-1ed6-fkd8
1
vulnerability VCID-2p2m-e3dw-kuhs
2
vulnerability VCID-57gp-hzcs-nubp
3
vulnerability VCID-5a75-gxh6-5bak
4
vulnerability VCID-cu1t-7wnm-y7hk
5
vulnerability VCID-g9p5-4cqv-qfew
6
vulnerability VCID-hu7e-n16j-rubw
7
vulnerability VCID-nzpp-uvn2-97dn
8
vulnerability VCID-rcqb-2498-77e2
9
vulnerability VCID-rkbn-tn99-rucq
10
vulnerability VCID-shfs-2f4g-13dm
11
vulnerability VCID-tbbj-9qan-ubgg
12
vulnerability VCID-twnx-dt83-nuf3
13
vulnerability VCID-v436-quyu-1kav
14
vulnerability VCID-wp3u-ssnj-tyh8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.22.4
1
url pkg:pypi/mlflow@3.0.0
purl pkg:pypi/mlflow@3.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rkq-1ed6-fkd8
1
vulnerability VCID-2p2m-e3dw-kuhs
2
vulnerability VCID-57gp-hzcs-nubp
3
vulnerability VCID-5a75-gxh6-5bak
4
vulnerability VCID-cu1t-7wnm-y7hk
5
vulnerability VCID-g9p5-4cqv-qfew
6
vulnerability VCID-hu7e-n16j-rubw
7
vulnerability VCID-nzpp-uvn2-97dn
8
vulnerability VCID-rcqb-2498-77e2
9
vulnerability VCID-rkbn-tn99-rucq
10
vulnerability VCID-shfs-2f4g-13dm
11
vulnerability VCID-tbbj-9qan-ubgg
12
vulnerability VCID-twnx-dt83-nuf3
13
vulnerability VCID-v436-quyu-1kav
14
vulnerability VCID-wp3u-ssnj-tyh8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.0.0
aliases CVE-2025-11201, GHSA-5cvj-7rg6-jggj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b5eg-nt7k-z7fw
5
url VCID-cu1t-7wnm-y7hk
vulnerability_id VCID-cu1t-7wnm-y7hk
summary
MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint used to download saved model artifacts. Due to missing access-control validation, a user without permissions to a given experiment can directly query this endpoint and retrieve model artifacts they are not authorized to access.

This issue affects MLflow versions through 3.10.1.
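This entry and the first one on the page (CVE-2025-15381, unprotected tracing and assessment endpoints, whose reference points into the server's auth plugin) describe the same failure mode: an authorization layer that maps known endpoints to permission checks and lets anything unmapped through, so a newly added or overlooked route has no access control at all. The following added example (not mlflow's server/auth code; routes, users and permissions are constructed for the demo and are not a description of mlflow's routing table) models that design and its fail-closed replacement, which denies unmapped routes and refuses to start until every registered route has a validator.

```python
"""Fail-closed endpoint authorization.

Added example, not mlflow's server/auth code.  It models an auth plugin that
keys permission validators by (method, path).  `AllowUnknownAuth` reproduces
the failure mode behind both advisories: a route with no validator is let
through.  `DenyUnknownAuth` fails closed and refuses to start until every
registered route is mapped.  Routes, users and permissions are constructed
for the demo and are not a description of mlflow's routing table.
"""
from dataclasses import dataclass

# Constructed permission store: experiment id -> users allowed to read it.
EXPERIMENT_READERS = {"1": {"alice"}, "2": {"bob"}}


def can_read_experiment(user: str, params: dict) -> bool:
    return user in EXPERIMENT_READERS.get(params.get("experiment_id", ""), set())


# Validator table the plugin ships.  The bug is not in these entries but in
# what happens for routes that are absent from the table.
VALIDATORS = {
    ("GET", "/api/2.0/mlflow/experiments/get"): can_read_experiment,
    ("GET", "/api/2.0/mlflow/runs/get"): can_read_experiment,
}
# Every route the server registers, including two the table forgot.
ALL_ROUTES = set(VALIDATORS) | {
    ("GET", "/get-artifact"),                      # artifact download
    ("GET", "/ajax-api/2.0/mlflow/traces/get"),    # tracing data
}


@dataclass
class Decision:
    allowed: bool
    reason: str


def unprotected_routes(routes, validators) -> list:
    """Audit: registered routes with no permission check."""
    return sorted(r for r in routes if r not in validators)


class AllowUnknownAuth:
    """Vulnerable: a request matching no validator is allowed."""

    def authorize(self, user, method, path, params) -> Decision:
        check = VALIDATORS.get((method, path))
        if check is None:
            return Decision(True, "no validator registered; allowed")
        return Decision(check(user, params), check.__name__)


class DenyUnknownAuth:
    """Hardened: unknown routes are denied, and the table is checked against
    the full route list at startup so a forgotten endpoint fails the build."""

    def __init__(self, routes, validators):
        gaps = unprotected_routes(routes, validators)
        if gaps:
            raise RuntimeError(f"routes without a validator: {gaps}")
        self.validators = dict(validators)

    def authorize(self, user, method, path, params) -> Decision:
        check = self.validators.get((method, path))
        if check is None:
            return Decision(False, "no validator registered; denied")
        return Decision(check(user, params), check.__name__)


def demo() -> dict:
    # bob may read experiment 2 only, yet asks for an artifact of experiment 1.
    req = ("bob", "GET", "/get-artifact", {"experiment_id": "1", "path": "model.pkl"})
    out = {"vulnerable_allows_bob": AllowUnknownAuth().authorize(*req).allowed,
           "gaps": unprotected_routes(ALL_ROUTES, VALIDATORS)}
    try:
        DenyUnknownAuth(ALL_ROUTES, VALIDATORS)
        out["startup_check_fails"] = False
    except RuntimeError:
        out["startup_check_fails"] = True
    # Close the gaps by mapping every route, then fail closed for the rest.
    full = {**VALIDATORS, ("GET", "/get-artifact"): can_read_experiment,
            ("GET", "/ajax-api/2.0/mlflow/traces/get"): can_read_experiment}
    hardened = DenyUnknownAuth(ALL_ROUTES, full)
    out["hardened_allows_bob"] = hardened.authorize(*req).allowed
    out["hardened_allows_alice"] = hardened.authorize("alice", *req[1:]).allowed
    out["hardened_denies_unmapped"] = hardened.authorize(
        "alice", "GET", "/ajax-api/2.0/mlflow/assessments/get", {}).allowed
    return out


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The startup check is the part worth copying: comparing the validator table against the server's actual route list turns "we forgot to protect the new endpoint" from a silent information disclosure into a failed deployment. `unprotected_routes` on its own is also a usable audit for an existing deployment.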
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33866.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33866.json
1
reference_url https://afine.com/blogs/attacking-mlflow-how-ml-artifacts-become-attack-vectors
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:12:33Z/
url https://afine.com/blogs/attacking-mlflow-how-ml-artifacts-become-attack-vectors
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33866
reference_id
reference_type
scores
0
value 9e-05
scoring_system epss
scoring_elements 0.01039
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33866
3
reference_url https://cert.pl/en/posts/2026/04/CVE-2026-33865
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cert.pl/en/posts/2026/04/CVE-2026-33865
4
reference_url https://cert.pl/en/posts/2026/04/CVE-2026-33865/
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:12:33Z/
url https://cert.pl/en/posts/2026/04/CVE-2026-33865/
5
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
6
reference_url https://github.com/mlflow/mlflow/commit/005b959cacda05d1423356cfcbd9ebeda8ff96a7
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/commit/005b959cacda05d1423356cfcbd9ebeda8ff96a7
7
reference_url https://github.com/mlflow/mlflow/pull/21708
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:12:33Z/
url https://github.com/mlflow/mlflow/pull/21708
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2026-94.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2026-94.yaml
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33866
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33866
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455900
reference_id 2455900
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455900
11
reference_url https://github.com/advisories/GHSA-46r5-x6jq-v8g6
reference_id GHSA-46r5-x6jq-v8g6
reference_type
scores
url https://github.com/advisories/GHSA-46r5-x6jq-v8g6
fixed_packages
0
url pkg:pypi/mlflow@3.11.0rc0
purl pkg:pypi/mlflow@3.11.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-g9p5-4cqv-qfew
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.11.0rc0
aliases BIT-mlflow-2026-33866, CVE-2026-33866, GHSA-46r5-x6jq-v8g6, PYSEC-2026-94
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cu1t-7wnm-y7hk
6
url VCID-g8qn-qss3-sqcc
vulnerability_id VCID-g8qn-qss3-sqcc
summary
MLflow Weak Password Requirements Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the handling of passwords. The issue results from weak password requirements. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-26916.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-11200
reference_id
reference_type
scores
0
value 0.00234
scoring_system epss
scoring_elements 0.46415
published_at 2026-06-06T12:55:00Z
1
value 0.00234
scoring_system epss
scoring_elements 0.46413
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-11200
1
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
2
reference_url https://github.com/mlflow/mlflow/commit/1f74f3f24d8273927b8db392c23e108576936c54
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:32Z/
url https://github.com/mlflow/mlflow/commit/1f74f3f24d8273927b8db392c23e108576936c54
3
reference_url https://www.zerodayinitiative.com/advisories/ZDI-25-932
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.zerodayinitiative.com/advisories/ZDI-25-932
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-11200
reference_id CVE-2025-11200
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-11200
5
reference_url https://github.com/advisories/GHSA-6xj8-rrqx-r4cv
reference_id GHSA-6xj8-rrqx-r4cv
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6xj8-rrqx-r4cv
6
reference_url https://www.zerodayinitiative.com/advisories/ZDI-25-932/
reference_id ZDI-25-932
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:32Z/
url https://www.zerodayinitiative.com/advisories/ZDI-25-932/
fixed_packages
0
url pkg:pypi/mlflow@2.22.0rc0
purl pkg:pypi/mlflow@2.22.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rkq-1ed6-fkd8
1
vulnerability VCID-2p2m-e3dw-kuhs
2
vulnerability VCID-57gp-hzcs-nubp
3
vulnerability VCID-5a75-gxh6-5bak
4
vulnerability VCID-b5eg-nt7k-z7fw
5
vulnerability VCID-cu1t-7wnm-y7hk
6
vulnerability VCID-g8qn-qss3-sqcc
7
vulnerability VCID-g9p5-4cqv-qfew
8
vulnerability VCID-hu7e-n16j-rubw
9
vulnerability VCID-nzpp-uvn2-97dn
10
vulnerability VCID-rcqb-2498-77e2
11
vulnerability VCID-rkbn-tn99-rucq
12
vulnerability VCID-shfs-2f4g-13dm
13
vulnerability VCID-tbbj-9qan-ubgg
14
vulnerability VCID-twnx-dt83-nuf3
15
vulnerability VCID-v436-quyu-1kav
16
vulnerability VCID-wp3u-ssnj-tyh8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.22.0rc0
1
url pkg:pypi/mlflow@2.22.0
purl pkg:pypi/mlflow@2.22.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rkq-1ed6-fkd8
1
vulnerability VCID-2p2m-e3dw-kuhs
2
vulnerability VCID-57gp-hzcs-nubp
3
vulnerability VCID-5a75-gxh6-5bak
4
vulnerability VCID-b5eg-nt7k-z7fw
5
vulnerability VCID-cu1t-7wnm-y7hk
6
vulnerability VCID-g9p5-4cqv-qfew
7
vulnerability VCID-hu7e-n16j-rubw
8
vulnerability VCID-nzpp-uvn2-97dn
9
vulnerability VCID-rcqb-2498-77e2
10
vulnerability VCID-rkbn-tn99-rucq
11
vulnerability VCID-shfs-2f4g-13dm
12
vulnerability VCID-tbbj-9qan-ubgg
13
vulnerability VCID-twnx-dt83-nuf3
14
vulnerability VCID-v436-quyu-1kav
15
vulnerability VCID-wp3u-ssnj-tyh8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.22.0
aliases CVE-2025-11200, GHSA-6xj8-rrqx-r4cv
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g8qn-qss3-sqcc
7
url VCID-g9p5-4cqv-qfew
vulnerability_id VCID-g9p5-4cqv-qfew
summary
MLflow is vulnerable to Stored Cross-Site Scripting (XSS) caused by unsafe parsing of YAML-based MLmodel artifacts in its web interface. An authenticated attacker can upload a malicious MLmodel file containing a payload that executes when another user views the artifact in the UI. This allows actions such as session hijacking or performing operations on behalf of the victim.

This issue affects MLflow versions through 3.10.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33865.json
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33865.json
1
reference_url https://afine.com/blogs/attacking-mlflow-how-ml-artifacts-become-attack-vectors
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:13:51Z/
url https://afine.com/blogs/attacking-mlflow-how-ml-artifacts-become-attack-vectors
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33865
reference_id
reference_type
scores
0
value 0.00011
scoring_system epss
scoring_elements 0.01323
published_at 2026-06-06T12:55:00Z
1
value 0.00011
scoring_system epss
scoring_elements 0.01319
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33865
3
reference_url https://cert.pl/en/posts/2026/04/CVE-2026-33865
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cert.pl/en/posts/2026/04/CVE-2026-33865
4
reference_url https://cert.pl/en/posts/2026/04/CVE-2026-33865/
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:13:51Z/
url https://cert.pl/en/posts/2026/04/CVE-2026-33865/
5
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
6
reference_url https://github.com/mlflow/mlflow/commit/aca4dd0ec88a12f7655155c224371280e9b45dda
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/commit/aca4dd0ec88a12f7655155c224371280e9b45dda
7
reference_url https://github.com/mlflow/mlflow/pull/21435
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:13:51Z/
url https://github.com/mlflow/mlflow/pull/21435
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2026-93.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2026-93.yaml
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33865
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33865
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455899
reference_id 2455899
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455899
11
reference_url https://github.com/advisories/GHSA-fh64-r2vc-xvhr
reference_id GHSA-fh64-r2vc-xvhr
reference_type
scores
url https://github.com/advisories/GHSA-fh64-r2vc-xvhr
fixed_packages
0
url pkg:pypi/mlflow@3.11.0rc0
purl pkg:pypi/mlflow@3.11.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-g9p5-4cqv-qfew
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.11.0rc0
1
url pkg:pypi/mlflow@3.11.1
purl pkg:pypi/mlflow@3.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.11.1
aliases BIT-mlflow-2026-33865, CVE-2026-33865, GHSA-fh64-r2vc-xvhr, PYSEC-2026-93
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g9p5-4cqv-qfew
8
url VCID-hu7e-n16j-rubw
vulnerability_id VCID-hu7e-n16j-rubw
summary mlflow/mlflow: mlflow/mlflow: Unauthenticated remote code execution via unprotected job endpoints
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0545.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0545.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-0545
reference_id
reference_type
scores
0
value 0.10825
scoring_system epss
scoring_elements 0.93509
published_at 2026-06-06T12:55:00Z
1
value 0.10825
scoring_system epss
scoring_elements 0.93508
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-0545
2
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
3
reference_url https://huntr.com/bounties/b2e5b028-9541-4d29-8703-a76f1a3734d8
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T17:48:47Z/
url https://huntr.com/bounties/b2e5b028-9541-4d29-8703-a76f1a3734d8
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-0545
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-0545
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454889
reference_id 2454889
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454889
6
reference_url https://github.com/advisories/GHSA-7qhf-v65m-g5f3
reference_id GHSA-7qhf-v65m-g5f3
reference_type
scores
url https://github.com/advisories/GHSA-7qhf-v65m-g5f3
fixed_packages
0
url pkg:pypi/mlflow@3.11.0rc0
purl pkg:pypi/mlflow@3.11.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-g9p5-4cqv-qfew
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.11.0rc0
aliases CVE-2026-0545, GHSA-7qhf-v65m-g5f3
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hu7e-n16j-rubw
9
url VCID-nzpp-uvn2-97dn
vulnerability_id VCID-nzpp-uvn2-97dn
summary mlflow: MLflow: Arbitrary command execution via command injection in model serving container initialization.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15379.json
reference_id
reference_type
scores
0
value 9.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15379.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-15379
reference_id
reference_type
scores
0
value 0.00269
scoring_system epss
scoring_elements 0.50641
published_at 2026-06-05T12:55:00Z
1
value 0.00281
scoring_system epss
scoring_elements 0.5182
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-15379
2
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
3
reference_url https://github.com/mlflow/mlflow/commit/361b6f620adf98385c6721e384fb5ef9a30bb05e
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-31T03:55:37Z/
url https://github.com/mlflow/mlflow/commit/361b6f620adf98385c6721e384fb5ef9a30bb05e
4
reference_url https://github.com/mlflow/mlflow/commit/a22ce7157f646bdce4c95106fc38ccc9ca289205
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/commit/a22ce7157f646bdce4c95106fc38ccc9ca289205
5
reference_url https://huntr.com/bounties/dc9c1c20-7879-4050-87df-4d095fe5ca75
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-31T03:55:37Z/
url https://huntr.com/bounties/dc9c1c20-7879-4050-87df-4d095fe5ca75
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-15379
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-15379
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2452949
reference_id 2452949
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2452949
8
reference_url https://github.com/advisories/GHSA-r23q-823p-vmf7
reference_id GHSA-r23q-823p-vmf7
reference_type
scores
url https://github.com/advisories/GHSA-r23q-823p-vmf7
fixed_packages
0
url pkg:pypi/mlflow@3.8.1
purl pkg:pypi/mlflow@3.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rkq-1ed6-fkd8
1
vulnerability VCID-57gp-hzcs-nubp
2
vulnerability VCID-cu1t-7wnm-y7hk
3
vulnerability VCID-g9p5-4cqv-qfew
4
vulnerability VCID-hu7e-n16j-rubw
5
vulnerability VCID-nzpp-uvn2-97dn
6
vulnerability VCID-shfs-2f4g-13dm
7
vulnerability VCID-v436-quyu-1kav
8
vulnerability VCID-wp3u-ssnj-tyh8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.8.1
1
url pkg:pypi/mlflow@3.9.0rc0
purl pkg:pypi/mlflow@3.9.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-57gp-hzcs-nubp
1
vulnerability VCID-cu1t-7wnm-y7hk
2
vulnerability VCID-g9p5-4cqv-qfew
3
vulnerability VCID-hu7e-n16j-rubw
4
vulnerability VCID-wp3u-ssnj-tyh8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.9.0rc0
aliases CVE-2025-15379, GHSA-r23q-823p-vmf7
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nzpp-uvn2-97dn
10
url VCID-rcqb-2498-77e2
vulnerability_id VCID-rcqb-2498-77e2
summary gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-52967
reference_id
reference_type
scores
0
value 0.00247
scoring_system epss
scoring_elements 0.48218
published_at 2026-06-06T12:55:00Z
1
value 0.00247
scoring_system epss
scoring_elements 0.48214
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-52967
1
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
2
reference_url https://github.com/mlflow/mlflow/issues/15944
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-23T20:12:42Z/
url https://github.com/mlflow/mlflow/issues/15944
3
reference_url https://github.com/mlflow/mlflow/pull/15970
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-23T20:12:42Z/
url https://github.com/mlflow/mlflow/pull/15970
4
reference_url https://github.com/mlflow/mlflow/releases/tag/v2.22.2
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/releases/tag/v2.22.2
5
reference_url https://github.com/mlflow/mlflow/releases/tag/v3.1.0
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-23T20:12:42Z/
url https://github.com/mlflow/mlflow/releases/tag/v3.1.0
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2025-52.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2025-52.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-52967
reference_id CVE-2025-52967
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-52967
8
reference_url https://github.com/advisories/GHSA-wxj7-3fx5-pp9m
reference_id GHSA-wxj7-3fx5-pp9m
reference_type
scores
url https://github.com/advisories/GHSA-wxj7-3fx5-pp9m
fixed_packages
0
url pkg:pypi/mlflow@2.22.2
purl pkg:pypi/mlflow@2.22.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rkq-1ed6-fkd8
1
vulnerability VCID-2p2m-e3dw-kuhs
2
vulnerability VCID-57gp-hzcs-nubp
3
vulnerability VCID-5a75-gxh6-5bak
4
vulnerability VCID-b5eg-nt7k-z7fw
5
vulnerability VCID-cu1t-7wnm-y7hk
6
vulnerability VCID-g9p5-4cqv-qfew
7
vulnerability VCID-hu7e-n16j-rubw
8
vulnerability VCID-nzpp-uvn2-97dn
9
vulnerability VCID-rcqb-2498-77e2
10
vulnerability VCID-rkbn-tn99-rucq
11
vulnerability VCID-shfs-2f4g-13dm
12
vulnerability VCID-tbbj-9qan-ubgg
13
vulnerability VCID-twnx-dt83-nuf3
14
vulnerability VCID-v436-quyu-1kav
15
vulnerability VCID-wp3u-ssnj-tyh8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.22.2
1
url pkg:pypi/mlflow@3.1.0
purl pkg:pypi/mlflow@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rkq-1ed6-fkd8
1
vulnerability VCID-2p2m-e3dw-kuhs
2
vulnerability VCID-57gp-hzcs-nubp
3
vulnerability VCID-5a75-gxh6-5bak
4
vulnerability VCID-cu1t-7wnm-y7hk
5
vulnerability VCID-g9p5-4cqv-qfew
6
vulnerability VCID-hu7e-n16j-rubw
7
vulnerability VCID-nzpp-uvn2-97dn
8
vulnerability VCID-rkbn-tn99-rucq
9
vulnerability VCID-shfs-2f4g-13dm
10
vulnerability VCID-tbbj-9qan-ubgg
11
vulnerability VCID-twnx-dt83-nuf3
12
vulnerability VCID-v436-quyu-1kav
13
vulnerability VCID-wp3u-ssnj-tyh8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.1.0
aliases BIT-mlflow-2025-52967, CVE-2025-52967, GHSA-wxj7-3fx5-pp9m, PYSEC-2025-52
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rcqb-2498-77e2
11
url VCID-rkbn-tn99-rucq
vulnerability_id VCID-rkbn-tn99-rucq
summary mlflow: MLflow: Arbitrary command execution via unsanitized container image names
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14287.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14287.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-14287
reference_id
reference_type
scores
0
value 0.0034
scoring_system epss
scoring_elements 0.57007
published_at 2026-06-06T12:55:00Z
1
value 0.0034
scoring_system epss
scoring_elements 0.57
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-14287
2
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
3
reference_url https://github.com/mlflow/mlflow/commit/8b8792a7034fb33a14b0b31cabcaa9b912d3485f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/commit/8b8792a7034fb33a14b0b31cabcaa9b912d3485f
4
reference_url https://github.com/mlflow/mlflow/pull/19277
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/pull/19277
5
reference_url https://github.com/mlflow/mlflow/releases/tag/v3.8.0rc0
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/releases/tag/v3.8.0rc0
6
reference_url https://huntr.com/bounties/229cd526-41aa-4819-b6f0-e2d0371c89e3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-17T03:55:37Z/
url https://huntr.com/bounties/229cd526-41aa-4819-b6f0-e2d0371c89e3
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-14287
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-14287
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2447690
reference_id 2447690
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2447690
9
reference_url https://github.com/advisories/GHSA-xch3-2f9x-wh9f
reference_id GHSA-xch3-2f9x-wh9f
reference_type
scores
url https://github.com/advisories/GHSA-xch3-2f9x-wh9f
fixed_packages
0
url pkg:pypi/mlflow@3.8.0rc0
purl pkg:pypi/mlflow@3.8.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rkq-1ed6-fkd8
1
vulnerability VCID-57gp-hzcs-nubp
2
vulnerability VCID-cu1t-7wnm-y7hk
3
vulnerability VCID-g9p5-4cqv-qfew
4
vulnerability VCID-hu7e-n16j-rubw
5
vulnerability VCID-nzpp-uvn2-97dn
6
vulnerability VCID-shfs-2f4g-13dm
7
vulnerability VCID-v436-quyu-1kav
8
vulnerability VCID-wp3u-ssnj-tyh8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.8.0rc0
aliases CVE-2025-14287, GHSA-xch3-2f9x-wh9f
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rkbn-tn99-rucq
12
url VCID-shfs-2f4g-13dm
vulnerability_id VCID-shfs-2f4g-13dm
summary mlflow: mlflow: Path traversal vulnerability allows arbitrary file overwrite and privilege escalation
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15036.json
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15036.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-15036
reference_id
reference_type
scores
0
value 0.00037
scoring_system epss
scoring_elements 0.11572
published_at 2026-06-05T12:55:00Z
1
value 0.00043
scoring_system epss
scoring_elements 0.13673
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-15036
2
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
3
reference_url https://github.com/mlflow/mlflow/commit/3bf6d81ac4d38654c8ff012dbd0c3e9f17e7e346
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-30T14:01:01Z/
url https://github.com/mlflow/mlflow/commit/3bf6d81ac4d38654c8ff012dbd0c3e9f17e7e346
4
reference_url https://huntr.com/bounties/36c314cf-fd6e-4fb0-b9b0-1b47bcdf0eb0
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-30T14:01:01Z/
url https://huntr.com/bounties/36c314cf-fd6e-4fb0-b9b0-1b47bcdf0eb0
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-15036
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-15036
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2452925
reference_id 2452925
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2452925
7
reference_url https://github.com/advisories/GHSA-vhcx-3pq2-4fvc
reference_id GHSA-vhcx-3pq2-4fvc
reference_type
scores
url https://github.com/advisories/GHSA-vhcx-3pq2-4fvc
fixed_packages
0
url pkg:pypi/mlflow@3.9.0rc0
purl pkg:pypi/mlflow@3.9.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-57gp-hzcs-nubp
1
vulnerability VCID-cu1t-7wnm-y7hk
2
vulnerability VCID-g9p5-4cqv-qfew
3
vulnerability VCID-hu7e-n16j-rubw
4
vulnerability VCID-wp3u-ssnj-tyh8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.9.0rc0
aliases CVE-2025-15036, GHSA-vhcx-3pq2-4fvc
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-shfs-2f4g-13dm
13
url VCID-tbbj-9qan-ubgg
vulnerability_id VCID-tbbj-9qan-ubgg
summary
MLflow Use of Default Password Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the basic_auth.ini file. The file contains hard-coded default credentials. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of the administrator.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2635.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2635.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2635
reference_id
reference_type
scores
0
value 0.01519
scoring_system epss
scoring_elements 0.81599
published_at 2026-06-06T12:55:00Z
1
value 0.01519
scoring_system epss
scoring_elements 0.81596
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2635
2
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
3
reference_url https://github.com/mlflow/mlflow/commit/5bf2ec2bd4222a18d78631183ac7f6b752afe8a4
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/commit/5bf2ec2bd4222a18d78631183ac7f6b752afe8a4
4
reference_url https://github.com/mlflow/mlflow/pull/19260
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-24T15:17:25Z/
url https://github.com/mlflow/mlflow/pull/19260
5
reference_url https://github.com/mlflow/mlflow/releases/tag/v3.8.0rc0
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/releases/tag/v3.8.0rc0
6
reference_url https://www.zerodayinitiative.com/advisories/ZDI-26-111
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.zerodayinitiative.com/advisories/ZDI-26-111
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2441514
reference_id 2441514
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2441514
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-2635
reference_id CVE-2026-2635
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-2635
9
reference_url https://github.com/advisories/GHSA-gq3w-7jj3-x7gr
reference_id GHSA-gq3w-7jj3-x7gr
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gq3w-7jj3-x7gr
10
reference_url https://www.zerodayinitiative.com/advisories/ZDI-26-111/
reference_id ZDI-26-111
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-24T15:17:25Z/
url https://www.zerodayinitiative.com/advisories/ZDI-26-111/
fixed_packages
0
url pkg:pypi/mlflow@3.8.0rc0
purl pkg:pypi/mlflow@3.8.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rkq-1ed6-fkd8
1
vulnerability VCID-57gp-hzcs-nubp
2
vulnerability VCID-cu1t-7wnm-y7hk
3
vulnerability VCID-g9p5-4cqv-qfew
4
vulnerability VCID-hu7e-n16j-rubw
5
vulnerability VCID-nzpp-uvn2-97dn
6
vulnerability VCID-shfs-2f4g-13dm
7
vulnerability VCID-v436-quyu-1kav
8
vulnerability VCID-wp3u-ssnj-tyh8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.8.0rc0
aliases CVE-2026-2635, GHSA-gq3w-7jj3-x7gr
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tbbj-9qan-ubgg
14
url VCID-twnx-dt83-nuf3
vulnerability_id VCID-twnx-dt83-nuf3
summary
MLFlow is vulnerable to DNS rebinding attacks due to a lack of Origin header validation
MLFlow versions up to and including 3.4.0 are vulnerable to DNS rebinding attacks due to a lack of Origin header validation in the MLFlow REST server. This vulnerability allows malicious websites to bypass Same-Origin Policy protections and execute unauthorized calls against REST endpoints. An attacker can query, update, and delete experiments via the affected endpoints, leading to potential data exfiltration, destruction, or manipulation. The issue is resolved in version 3.5.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-14279
reference_id
reference_type
scores
0
value 0.0004
scoring_system epss
scoring_elements 0.12522
published_at 2026-06-06T12:55:00Z
1
value 0.0004
scoring_system epss
scoring_elements 0.1252
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-14279
1
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
2
reference_url https://github.com/mlflow/mlflow/commit/b0ffd289e9b0d0cc32c9e3a9b9f3843ae83dbec3
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-12T14:54:23Z/
url https://github.com/mlflow/mlflow/commit/b0ffd289e9b0d0cc32c9e3a9b9f3843ae83dbec3
3
reference_url https://github.com/mlflow/mlflow/pull/17910
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/pull/17910
4
reference_url https://huntr.com/bounties/ef478f72-2e4f-44dc-8055-fc06bef03108
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-12T14:54:23Z/
url https://huntr.com/bounties/ef478f72-2e4f-44dc-8055-fc06bef03108
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-14279
reference_id CVE-2025-14279
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-14279
6
reference_url https://github.com/advisories/GHSA-pgqp-8h46-6x4j
reference_id GHSA-pgqp-8h46-6x4j
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pgqp-8h46-6x4j
fixed_packages
0
url pkg:pypi/mlflow@3.5.0
purl pkg:pypi/mlflow@3.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rkq-1ed6-fkd8
1
vulnerability VCID-57gp-hzcs-nubp
2
vulnerability VCID-5a75-gxh6-5bak
3
vulnerability VCID-cu1t-7wnm-y7hk
4
vulnerability VCID-g9p5-4cqv-qfew
5
vulnerability VCID-hu7e-n16j-rubw
6
vulnerability VCID-nzpp-uvn2-97dn
7
vulnerability VCID-rkbn-tn99-rucq
8
vulnerability VCID-shfs-2f4g-13dm
9
vulnerability VCID-tbbj-9qan-ubgg
10
vulnerability VCID-v436-quyu-1kav
11
vulnerability VCID-wp3u-ssnj-tyh8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.5.0
aliases CVE-2025-14279, GHSA-pgqp-8h46-6x4j
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-twnx-dt83-nuf3
15
url VCID-v436-quyu-1kav
vulnerability_id VCID-v436-quyu-1kav
summary mlflow/mlflow: Path Traversal Vulnerability in mlflow/mlflow
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15031.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15031.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-15031
reference_id
reference_type
scores
0
value 0.00333
scoring_system epss
scoring_elements 0.56484
published_at 2026-06-06T12:55:00Z
1
value 0.00333
scoring_system epss
scoring_elements 0.56478
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-15031
2
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
3
reference_url https://github.com/mlflow/mlflow/blob/fe4d9be330426904283401f1d2ed914238b6fc37/mlflow/pyfunc/dbconnect_artifact_cache.py#L140
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/blob/fe4d9be330426904283401f1d2ed914238b6fc37/mlflow/pyfunc/dbconnect_artifact_cache.py#L140
4
reference_url https://github.com/mlflow/mlflow/commit/3bf6d81ac4d38654c8ff012dbd0c3e9f17e7e346
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/commit/3bf6d81ac4d38654c8ff012dbd0c3e9f17e7e346
5
reference_url https://huntr.com/bounties/09856f77-f968-446f-a930-657d126efe4e
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-19T13:52:23Z/
url https://huntr.com/bounties/09856f77-f968-446f-a930-657d126efe4e
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-15031
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-15031
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448912
reference_id 2448912
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448912
8
reference_url https://github.com/advisories/GHSA-fhff-qmm8-h2fp
reference_id GHSA-fhff-qmm8-h2fp
reference_type
scores
url https://github.com/advisories/GHSA-fhff-qmm8-h2fp
fixed_packages
0
url pkg:pypi/mlflow@3.9.0rc0
purl pkg:pypi/mlflow@3.9.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-57gp-hzcs-nubp
1
vulnerability VCID-cu1t-7wnm-y7hk
2
vulnerability VCID-g9p5-4cqv-qfew
3
vulnerability VCID-hu7e-n16j-rubw
4
vulnerability VCID-wp3u-ssnj-tyh8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.9.0rc0
aliases CVE-2025-15031, GHSA-fhff-qmm8-h2fp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v436-quyu-1kav
16
url VCID-wp3u-ssnj-tyh8
vulnerability_id VCID-wp3u-ssnj-tyh8
summary
Mlflow: Command Injection when serving models with enable_mlserver=True
A command injection vulnerability exists in Mlflow when serving a model with `enable_mlserver=True`. The `model_uri` is embedded directly into a shell command executed via `bash -c` without proper sanitization. If the `model_uri` contains shell metacharacters, such as `$()` or backticks, it allows for command substitution and execution of attacker-controlled commands. This vulnerability affects the latest version of mlflow/mlflow and can lead to privilege escalation if a higher-privileged service serves models from a directory writable by lower-privileged users.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-0596
reference_id
reference_type
scores
0
value 0.00165
scoring_system epss
scoring_elements 0.37353
published_at 2026-06-05T12:55:00Z
1
value 0.00165
scoring_system epss
scoring_elements 0.37359
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-0596
1
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
2
reference_url https://github.com/mlflow/mlflow/commit/202fac4c83ccc8544c087c142b80196d0e60695c
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/commit/202fac4c83ccc8544c087c142b80196d0e60695c
3
reference_url https://github.com/mlflow/mlflow/pull/19738
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/pull/19738
4
reference_url https://huntr.com/bounties/2e905add-f9f5-4309-a3db-b17de5981285
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-31T17:19:22Z/
url https://huntr.com/bounties/2e905add-f9f5-4309-a3db-b17de5981285
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-0596
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-0596
6
reference_url https://github.com/advisories/GHSA-rvhj-8chj-8v3c
reference_id GHSA-rvhj-8chj-8v3c
reference_type
scores
url https://github.com/advisories/GHSA-rvhj-8chj-8v3c
fixed_packages
0
url pkg:pypi/mlflow@3.9.0
purl pkg:pypi/mlflow@3.9.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-57gp-hzcs-nubp
1
vulnerability VCID-cu1t-7wnm-y7hk
2
vulnerability VCID-g9p5-4cqv-qfew
3
vulnerability VCID-hu7e-n16j-rubw
4
vulnerability VCID-pk3j-kucq-33ca
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.9.0
aliases CVE-2026-0596, GHSA-rvhj-8chj-8v3c
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wp3u-ssnj-tyh8
Fixing_vulnerabilities
Risk_score 4.5
Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.21.2