VulnerableCode Package Details - pkg:pypi/mlflow@3.11.0rc0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/mlflow@3.11.0rc0

Essentials
History (2)

purl	pkg:pypi/mlflow@3.11.0rc0

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-pugd-v7em-sbec	MLflow is vulnerable to Stored Cross-Site Scripting (XSS) caused by unsafe parsing of YAML-based MLmodel artifacts in its web interface. An authenticated attacker can upload a malicious MLmodel file containing a payload that executes when another user views the artifact in the UI. This allows actions such as session hijacking or performing operations on behalf of the victim. This issue affects MLflow version through 3.10.1	CVE-2026-33865 PYSEC-2026-93
VCID-qnyj-3qc7-p7bp	MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint used to download saved model artifacts. Due to missing access‑control validation, a user without permissions to a given experiment can directly query this endpoint and retrieve model artifacts they are not authorized to access. This issue affects MLflow version through 3.10.1	CVE-2026-33866 PYSEC-2026-94

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-30T20:37:53.351792+00:00	Pypa Importer	Fixing	VCID-qnyj-3qc7-p7bp	https://github.com/pypa/advisory-database/blob/main/vulns/mlflow/PYSEC-2026-94.yaml	38.6.0
2026-05-30T20:37:52.621494+00:00	Pypa Importer	Fixing	VCID-pugd-v7em-sbec	https://github.com/pypa/advisory-database/blob/main/vulns/mlflow/PYSEC-2026-93.yaml	38.6.0