| CVE-2025-15036 |
critical |
10.0 |
10.0 |
|
|
|
2mo ago |
MLFlow path traversal vulnerability |
| CVE-2025-15379 |
critical |
9.8 |
9.8 |
|
|
|
2mo ago |
MLflow Command Injection vulnerability |
| CVE-2026-2611 |
critical |
9.6 |
9.6 |
|
|
|
16d ago |
MLflow: Improper Origin Validation in MLflow Assistant /ajax-api Endpoints Enables Browser-Mediated Local Command Execution |
| CVE-2026-0596 |
critical |
— |
9.5 |
|
|
|
2mo ago |
Mlflow: Command Injection when serving models with enable_mlserver=True |
| CVE-2026-2652 |
high |
8.6 |
8.6 |
|
|
|
21d ago |
MLflow: unauthenticated access to certain FastAPI routes |
| CVE-2026-4137 |
high |
7.8 |
7.8 |
|
|
|
17d ago |
In mlflow/mlflow versions prior to 3.11.0, the `get_or_create_nfs_tmp_dir()` function in `mlflow/utils/file_utils.py` creates temporary directories with world-writable permissions (0o777), and the `_… |
| CVE-2026-2614 |
high |
7.5 |
7.5 |
|
|
|
24d ago |
MLflow allows an unauthenticated remote attacker to read arbitrary files from the server's filesystem |
| CVE-2026-2393 |
high |
7.1 |
7.1 |
|
|
|
24d ago |
MLflow Has a Server-Side Request Forgery (SSRF) Vulnerability |
| CVE-2025-15381 |
high |
7.1 |
7.1 |
|
|
|
2mo ago |
MLFlow allows Tracing + Assessments Access |
