8 matches found
CVE-2026-0545 vulnerabilities
Vulnerabilities for packages: mlflow-fips, mlflow...
CVE-2026-0545
creationtimestamp| type| source ---|---|--- 2026-04-03 18:55:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mimfityqht2i 2026-04-03 19:24:00+00:00| published-proof-of-concept| Telegram/l2CWtN20f6D8WOiAClhqJgrdc6BQljDZCBDw2ZgpHM67Hss 2026-04-04 06:00:22+00:00| seen|...
azure-ai-generative (>=1.0.0b1 <=1.0.0b3), azure-ai-resources (>=1.0.0b1 <=1.0.0b9) +15 more potentially affected by CVE-2026-0545 via mlflow-skinny (>=3.0.0 <=3.0.1)
mlflow-skinny PYPI version =3.0.0, =1.0.0b1, =1.0.0b1, =0.1.0, =0.1.0, =2.5.0, =0.0.13, =3.0.0, =0.1.0, =0.1.4 and more Source cves: CVE-2026-0545 Source advisory: SNYK:PYTHON-MLFLOWSKINNY-15922302...
databricks-agents (>=0.1.0 <=1.0.0rc1), datamint (>=2.5.0 <=2.5.2) +3 more potentially affected by CVE-2026-0545 via mlflow (>=3.0.0rc2 <=3.0.1)
mlflow PYPI version =3.0.0rc2, =0.1.0, =2.5.0, =0.2.0.dev0, =0.6.7, =0.8.1 Source cves: CVE-2026-0545 Source advisory: SNYK:PYTHON-MLFLOW-15922301...
CVE-2026-0545 Missing Authentication for Critical Function in mlflow/mlflow
In mlflow/mlflow, the FastAPI job endpoints under /ajax-api/3.0/jobs/ are not protected by authentication or authorization when the basic-auth app is enabled. This vulnerability affects the latest version of the repository. If job execution is enabled MLFLOWSERVERENABLEJOBEXECUTION=true and any j...
CVE-2026-0545 Missing Authentication for Critical Function in mlflow/mlflow
In mlflow/mlflow, the FastAPI job endpoints under /ajax-api/3.0/jobs/ are not protected by authentication or authorization when the basic-auth app is enabled. This vulnerability affects the latest version of the repository. If job execution is enabled MLFLOWSERVERENABLEJOBEXECUTION=true and any j...
RockyLinux 10 : podman (RLSA-2026:0545)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:0545 advisory. golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSHAGENTSUCCESS CVE-2025-47913 Tenable has extracted the precedi...
Oracle Linux 10 : podman (ELSA-2026-0545)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0545 advisory. - fixes 'CVE-2025-47913 podman: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSHAGENTSUCCESS rhel-10.1.z' Tenable has extracted the...