Insecure Permissions in MLflow Allow Arbitrary Code Execution
CVE-2025-10279

7HIGH

Key Information:

Vendor: Mlflow
Status: Mlflow/mlflow
Vendor: CVE Published:; 2 February 2026

What is CVE-2025-10279?

In MLflow version 2.20.3, a vulnerability exists due to the temporary directory being assigned world-writable permissions (0o777). This allows potentially malicious users with write access to the /tmp directory to exploit a race condition. By overwriting .py files in the virtual environment, an attacker can execute arbitrary code, posing significant security risks. This vulnerability has been addressed in version 3.4.0.

Affected Version(s)

mlflow/mlflow < 3.4.0

References

https://huntr.com/bounties/01d3b81e-13d1-43aa-b91a-443aec...

https://github.com/mlflow/mlflow/commit/1d7c8d4cf0a67d407...

CVSS V3.0

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 2, 2026
Vulnerability Reserved
Sep 11, 2025

CVE-2025-10279 Data

JSON

Mlflow

What is CVE-2025-10279?

Affected Version(s)

References

CVSS V3.0

Timeline