Path Traversal Vulnerability in MLflow Affects File Access and Security
CVE-2025-15036

9.6CRITICAL

Key Information:

Vendor: Mlflow
Status: Mlflow/mlflow
Vendor: CVE Published:; 30 March 2026

What is CVE-2025-15036?

A path traversal vulnerability has been identified in the 'extract_archive_to_dir' function within the mlflow/pyfunc/dbconnect_artifact_cache.py file. The flaw exists due to insufficient validation of tar member paths during the extraction process in MLflow versions prior to 3.7.0. This weakness enables attackers who control the contents of a tar.gz file to potentially overwrite arbitrary files or gain elevated privileges. Such exploitation poses a significant risk, especially in multi-tenant or shared cluster environments, where it may lead to unauthorized access beyond designated settings, compromising overall security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

mlflow/mlflow < 3.9.0

References

https://huntr.com/bounties/36c314cf-fd6e-4fb0-b9b0-1b47bc...

https://github.com/mlflow/mlflow/commit/3bf6d81ac4d38654c...

CVSS V3.0

Score:

9.6

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 30, 2026
Vulnerability Reserved
Dec 23, 2025

JSON

Mlflow

What is CVE-2025-15036?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.0

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.