BIT-MLFLOW-2026-4035 Environment Variable Resolution Vulnerability in mlflow/mlflow

A vulnerability in mlflow/mlflow versions prior to 3.11.0 allows for the resolution of environment variables in AI Gateway secrets, which can be exploited to exfiltrate sensitive server-side environment credentials to an attacker-controlled endpoint. This issue arises because the apikey field in...

BIT-MLFLOW-2026-2651 Missing Authorization Validation in mlflow/mlflow

A vulnerability in MLflow versions =3.10.1.dev0 allows unauthorized access to multipart upload MPU endpoints when the --serve-artifacts mode is enabled. The authorization logic does not enforce resource-level permission checks for /mlflow-artifacts/mpu/ endpoints, enabling attackers to overwrite...

CVE-2026-4035

A flaw was found in MLflow. This vulnerability allows an attacker to exfiltrate sensitive server-side environment credentials. It occurs because the AI Gateway secrets can resolve environment variables, which are then sent to an attacker-controlled endpoint. This could lead to unauthorized access...

BIT-MLFLOW-2026-4137 Incomplete Fix for CVE-2025-10279: Insecure Temporary Directory Permissions in mlflow/mlflow

In mlflow/mlflow versions prior to 3.11.0, the getorcreatenfstmpdir function in mlflow/utils/fileutils.py creates temporary directories with world-writable permissions 0o777, and the createmodeldownloadingtmpdir function in mlflow/pyfunc/init.py creates directories with group-writable permissions...

BIT-MLFLOW-2026-3198 Improper Access Control in mlflow/mlflow

MLflow 3.9.0 with basic-auth --app-name basic-auth fails to enforce authorization checks for multiple Gateway API 'list' endpoints. Specifically, the BEFOREREQUESTHANDLERS dictionary in mlflow/server/auth/init.py does not include entries for ListGatewaySecretInfos, ListGatewayEndpoints, and...

Use of Weak Hash

Overview mlflow is a platform to streamline machine learning development, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models. Affected versions of this package are vulnerable to Use of Weak Hash in the mlflow.data.digestutils function. An...

a2 (>=0.1.0 <=0.3.17), abadpour (>=6.13.1 <=7.24.1) +948 more potentially affected by CVE-2026-10803 via mlflow (>=0.8.2 <=3.9.0)

mlflow PYPI version =0.8.2, =0.1.0, =6.13.1, =9.273.1, =1.1.0, =0.1.0, =0.1.0, =0.4.4, =0.3.0, =0.0.5, =1.0.0, =0.1.0, =1.1.1 - ai-helpers-pytorch-utils =0.1.0a1 - ailine-core =0.5.5 and more Source cves: CVE-2026-10803 Source advisory: SNYK:PYTHON-MLFLOW-17173043...

abadpour (>=6.13.1 <=7.24.1), abcli (>=9.273.1 <=9.572.1) +899 more potentially affected by CVE-2026-10803 via mlflow-skinny (>=1.19.0 <=3.9.0rc0)

mlflow-skinny PYPI version =1.19.0, =6.13.1, =9.273.1, =1.1.0, =0.1.0, =0.1.0, =0.4.4, =0.3.0, =0.1.0, =1.0.0, =0.1.0, =0.1.0, =0.2.1 and more Source cves: CVE-2026-10803 Source advisory: SNYK:PYTHON-MLFLOWSKINNY-17173042...

Use of Weak Hash

Overview Affected versions of this package are vulnerable to Use of Weak Hash in the mlflow.data.digestutils function. An attacker can compromise data integrity or cause unexpected behavior by exploiting the use of a weak hash algorithm during dataset digest computation. PoC python import pandas ...

a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +347 more potentially affected by CVE-2026-10803 via mlflow (>=0.8.2 <=3.10.0)

mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 and more Source cves: CVE-2026-10803 Source advisory: OSV:PYSEC-2026-195...

CVE-2026-10803

A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digestutils of the file mlflow/data/digestutils.py of the component Dataset Digest Computation. This manipulation causes use of weak hash. It is possible to launch the attack on the local host. The attack is...

PYSEC-2026-195

A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digestutils of the file mlflow/data/digestutils.py of the component Dataset Digest Computation. This manipulation causes use of weak hash. It is possible to launch the attack on the local host. The attack is...

PYSEC-0000-CVE-2026-10803

A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digestutils of the file mlflow/data/digestutils.py of the component Dataset Digest Computation. This manipulation causes use of weak hash. It is possible to launch the attack on the local host. The attack is...

PYSEC-2026-195

A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digestutils of the file mlflow/data/digestutils.py of the component Dataset Digest Computation. This manipulation causes use of weak hash. It is possible to launch the attack on the local host. The attack is...

CVE-2026-10803

A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digestutils of the file mlflow/data/digestutils.py of the component Dataset Digest Computation. This manipulation causes use of weak hash. It is possible to launch the attack on the local host. The attack is...

EUVD-2026-34245

A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digestutils of the file mlflow/data/digestutils.py of the component Dataset Digest Computation. This manipulation causes use of weak hash. It is possible to launch the attack on the local host. The attack is...

CVE-2026-10803 MLflow Dataset Digest Computation digest_utils.py mlflow.data.digest_utils weak hash

A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digestutils of the file mlflow/data/digestutils.py of the component Dataset Digest Computation. This manipulation causes use of weak hash. It is possible to launch the attack on the local host. The attack is...

CVE-2026-10803

MLflow up to 3.10.0 contains a flaw in mlflow.data.digest_utils (Digest Computation) where manipulation leads to use of a weak hash. This affects the Digest Utils function in the Dataset Digest Computation component and enables a local attack. The reported exploitability is high in complexity wit...

CVE-2026-10803 MLflow Dataset Digest Computation digest_utils.py mlflow.data.digest_utils weak hash

A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digestutils of the file mlflow/data/digestutils.py of the component Dataset Digest Computation. This manipulation causes use of weak hash. It is possible to launch the attack on the local host. The attack is...

MLflow 安全漏洞

MLflow is an open-source platform that simplifies machine learning development. It includes features like tracking experiments, packaging code for reproducible runs, and sharing and deploying models. Versions of MLflow 3.10.0 and earlier contain security vulnerabilities. These vulnerabilities ste...