1231 matches found
CVE-2026-2393 Server-Side Request Forgery (SSRF) in mlflow/mlflow
A Server-Side Request Forgery (SSRF) vulnerability exists in MLflow versions prior to 3.9.0. The _create_webhook function in mlflow/server/handlers.py accepts a user-controlled url parameter without validation, and the _send_webhook_request function in mlflow/webhooks/delivery.py sends HTTP POST request...
CVE-2026-2393
CVE-2026-2393: MLflow prior to 3.9.0 is vulnerable to SSRF via a user-controlled webhook URL. The _create_webhook() handler stores the URL without validation, and _send_webhook_request() POSTs to that URL, enabling an authenticated attacker to cause the MLflow backend to reach internal services, ...
MLflow Code Issue Vulnerability
MLflow is an open-source platform that simplifies machine learning development. It includes features for tracking experiments, packaging code for reproducible runs, and sharing and deploying models. Versions of MLflow prior to 3.9.0 contained code vulnerabilities. These vulnerabilities stemmed fr...
MLflow Path Traversal Vulnerability
MLflow is an open-source platform that simplifies machine learning development. It includes features for tracking experiments, packaging code for reproducible runs, and sharing and deploying models. Versions of MLflow prior to 3.9.0 contained a path traversal vulnerability. This vulnerability...
PT-2026-39649
Name of the Vulnerable Software and Affected Versions: MLflow versions prior to 3.9.0. Description: A Server-Side Request Forgery (SSRF) issue exists where the create webhook function in mlflow/server/handlers.py accepts a user-controlled url parameter without validation. Subsequently, the send webhoo...
GHSA-MV93-W799-CJ2W vulnerabilities
Vulnerabilities for packages: mlflow...
CVE-2026-42284 vulnerabilities
Vulnerabilities for packages: opal, open-webui, checkov, datahub-ingestion-fips, awx, mlflow-fips, mlflow...
CVE-2026-42215 vulnerabilities
Vulnerabilities for packages: opal, open-webui, checkov, datahub-ingestion-fips, awx, mlflow-fips, mlflow...
CVE-2026-41205 vulnerabilities
Vulnerabilities for packages: nemo, open-webui, jupyter-base-notebook, airflow, pgadmin4-fips, dagster, dagster-fips, superset, mlflow, prefect-fips, airflow-core...
CVE-2026-41425 vulnerabilities
Vulnerabilities for packages: open-webui, datahub-ingestion, datahub-ingestion-fips, airflow, pgadmin4-fips, mlflow...
CVE-2026-42284 vulnerabilities
Vulnerabilities for packages: checkov, mlflow, open-webui...
CVE-2026-42215 vulnerabilities
Vulnerabilities for packages: checkov, mlflow, open-webui...
CVE-2026-41205 vulnerabilities
Vulnerabilities for packages: open-webui, jupyter-base-notebook, superset, airflow, mlflow...
CVE-2026-41425 vulnerabilities
Vulnerabilities for packages: airflow, mlflow, open-webui...
VulnCheck KEV: CVE-2023-6909
Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2...
BIT-MLFLOW-2025-15379 Command Injection in mlflow/mlflow
A command injection vulnerability exists in MLflow's model serving container initialization code, specifically in the _install_model_dependencies_to_env function. When deploying a model with env_manager=LOCAL, MLflow reads dependency specifications from the model artifact's python_env.yaml file and...
BIT-MLFLOW-2025-15036 Path Traversal Vulnerability in mlflow/mlflow
A path traversal vulnerability exists in the extract_archive_to_dir function within the mlflow/pyfunc/dbconnect_artifact_cache.py file of the mlflow/mlflow repository. This vulnerability, present in versions before v3.7.0, arises due to the lack of validation of tar member paths during extraction. An...
GHSA-FH64-R2VC-XVHR vulnerabilities
Vulnerabilities for packages: mlflow...
CVE-2026-33866 vulnerabilities
Vulnerabilities for packages: mlflow...