mlflow Latest Vulnerabilities
Latest vulnerabilities published by mlflow
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Authorization Bypass in MLflow Affects Multiple Gateway API Endpoints
CVE-2026-3198MlflowMlflow/mlflow6.5MEDIUMUnauthorized Access Vulnerability in MLflow by Databricks
CVE-2026-2651MlflowMlflow/mlflow9CRITICALAuthorization Flaw in MLflow Versions Allowing Unauthorized Model Version Enumeration
CVE-2026-2734MlflowMlflow/mlflow6.5MEDIUMCross-Origin Vulnerability in MLflow Assistant by Databricks
CVE-2026-2611MlflowMlflow/mlflow9.6CRITICALInsecure File Permissions in MLflow Affecting Directory Management
CVE-2026-4137MlflowMlflow/mlflow7HIGHAuthentication Bypass in mlflow/mlflow Product by Databricks
CVE-2026-2652MlflowMlflow/mlflow8.6HIGHVulnerability in Model Version Handler of MLflow by Databricks
CVE-2026-2614MlflowMlflow/mlflow7.5HIGHServer-Side Request Forgery in MLflow Affects Internal Services
CVE-2026-2393MlflowMlflow/mlflow7.1HIGHAuthorization Bypass in MLflow Affects Model Artifact Access
CVE-2026-33866MlflowMlflowπΎπ‘5.3MEDIUMXSS Vulnerability in MLflow Affects Data Management and Analysis
CVE-2026-33865MlflowMlflowπΎπ‘5.1MEDIUMAuthentication Bypass Vulnerability in FastAPI Job Endpoints of MLflow
CVE-2026-0545MlflowMlflow/mlflowEPSS 10%9.1CRITICALCommand Injection Vulnerability in mlflow by Databricks
CVE-2026-0596MlflowMlflow/mlflow9.6CRITICALCommand Injection Vulnerability in MLflow Model Serving
CVE-2025-15379MlflowMlflow/mlflow10CRITICALPath Traversal Vulnerability in MLflow Affects File Access and Security
CVE-2025-15036MlflowMlflow/mlflow9.6CRITICALUnauthorized Access in Mlflowβs Basic Auth Application
CVE-2025-15381MlflowMlflow/mlflow8.1HIGHArbitrary File Write Vulnerability in MLflow by Databricks
CVE-2025-15031MlflowMlflow/mlflow8.1HIGHCommand Injection Vulnerability in MLflow by Databricks
CVE-2025-14287MlflowMlflow/mlflow7.5HIGHAuthentication Bypass Vulnerability in MLflow from Databricks
CVE-2026-2635MlflowMlflow9.8CRITICALDirectory Traversal Remote Code Execution Vulnerability in MLflow Tracking Server
CVE-2026-2033MlflowMlflowEPSS 18%8.1HIGHInsecure Permissions in MLflow Allow Arbitrary Code Execution
CVE-2025-10279MlflowMlflow/mlflow7HIGHDNS Rebinding Vulnerability in MLFlow by Databricks
CVE-2025-14279MlflowMlflow/mlflow8.1HIGHAuthentication Bypass Vulnerability in MLflow by Databricks
CVE-2025-11200MlflowMlflow8.1HIGHDirectory Traversal Vulnerability in MLflow Tracking Server
CVE-2025-11201MlflowMlflowEPSS 17%8.1HIGHDenial of Service Vulnerability in MLflow by Databricks
CVE-2025-0453MlflowMlflow/mlflow7.5HIGHPasswordless User Account Creation in MLflow by Databricks
CVE-2025-1474MlflowMlflow/mlflow5.5MEDIUM