66 matches found
BIT-MLFLOW-2026-33866 Authorization Bypass in MLflow AJAX Endpoint
MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint used to download saved model artifacts. Due to missing access‑control validation, a user without permissions to a given experiment can directly query this endpoint and retrieve model artifacts they are not authorized to...
BIT-MLFLOW-2026-33865 Stored XSS via unsafe YAML parsing in MLflow
MLflow is vulnerable to Stored Cross-Site Scripting XSS caused by unsafe parsing of YAML-based MLmodel artifacts in its web interface. An authenticated attacker can upload a malicious MLmodel file containing a payload that executes when another user views the artifact in the UI. This allows actio...
MLflow Is Vulnerable To Stored Cross-Site Scripting (XSS) Caused By Unsafe Parsing Of YAML-based MLmodel Artifacts In It
MLflow is vulnerable to Stored Cross-Site Scripting XSS caused by unsafe parsing of YAML-based MLmodel artifacts in its web interface. An authenticated attacker can upload a malicious MLmodel file containing a payload that executes when another user views the artifact in the UI. This allows actio...
MLflow Is Vulnerable To An Authorization Bypass Affecting The AJAX Endpoint
MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint used to download saved model artifacts. Due to missing access‑control validation, a user without permissions to a given experiment can directly query this endpoint and retrieve model artifacts they are not authorized to...
CVE-2026-33866
MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint used to download saved model artifacts. Due to missing access‑control validation, a user without permissions to a given experiment can directly query this endpoint and retrieve model artifacts they are not authorized to...
MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint
MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint used to download saved model artifacts. Due to missing access‑control validation, a user without permissions to a given experiment can directly query this endpoint and retrieve model artifacts they are not authorized to...
GHSA-46R5-X6JQ-V8G6 MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint
MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint used to download saved model artifacts. Due to missing access‑control validation, a user without permissions to a given experiment can directly query this endpoint and retrieve model artifacts they are not authorized to...
EUVD-2026-19609
MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint used to download saved model artifacts. Due to missing access‑control validation, a user without permissions to a given experiment can directly query this endpoint and retrieve model artifacts they are not authorized to...
GHSA-FH64-R2VC-XVHR MLflow is vulnerable to Stored Cross-Site Scripting (XSS) caused by unsafe parsing of YAML-based MLmodel artifacts in its web interface
MLflow is vulnerable to Stored Cross-Site Scripting XSS caused by unsafe parsing of YAML-based MLmodel artifacts in its web interface. An authenticated attacker can upload a malicious MLmodel file containing a payload that executes when another user views the artifact in the UI. This allows actio...
CVE-2026-33866
MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint used to download saved model artifacts. Due to missing access‑control validation, a user without permissions to a given experiment can directly query this endpoint and retrieve model artifacts they are not authorized to...
PYSEC-2026-94
MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint used to download saved model artifacts. Due to missing access‑control validation, a user without permissions to a given experiment can directly query this endpoint and retrieve model artifacts they are not authorized to...
PYSEC-2026-93
MLflow is vulnerable to Stored Cross-Site Scripting XSS caused by unsafe parsing of YAML-based MLmodel artifacts in its web interface. An authenticated attacker can upload a malicious MLmodel file containing a payload that executes when another user views the artifact in the UI. This allows actio...
CVE-2026-33866 Authorization Bypass in MLflow AJAX Endpoint
MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint used to download saved model artifacts. Due to missing access‑control validation, a user without permissions to a given experiment can directly query this endpoint and retrieve model artifacts they are not authorized to...
CVE-2026-33866
CVE-2026-33866 affects MLflow up to version 3.10.1 and describes an authorization bypass in the AJAX endpoint for downloading saved model artifacts. Due to missing access-control validation, a user without permissions to a given experiment can directly query the endpoint and retrieve artifacts th...
CVE-2026-33866 Authorization Bypass in MLflow AJAX Endpoint
MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint used to download saved model artifacts. Due to missing access‑control validation, a user without permissions to a given experiment can directly query this endpoint and retrieve model artifacts they are not authorized to...
CVE-2026-33865 Stored XSS via unsafe YAML parsing in MLflow
MLflow is vulnerable to Stored Cross-Site Scripting XSS caused by unsafe parsing of YAML-based MLmodel artifacts in its web interface. An authenticated attacker can upload a malicious MLmodel file containing a payload that executes when another user views the artifact in the UI. This allows actio...
PT-2026-30821
Name of the Vulnerable Software and Affected Versions MLflow versions prior to 3.10.1 Description An authorization bypass exists in the AJAX endpoint used to download saved model artifacts. Due to missing access-control validation, a user without permissions to a specific experiment can directly...
admet-workbench (>=0.1.0 <=0.1.1), agent-gpt-aws (>=0.4.4 <=0.9.5) +49 more potentially affected by CVE-2026-1777 via sagemaker (=3.10.1)
sagemaker PYPI version =3.10.1 is affected by a known vulnerability. The following packages have a transitive dependency on sagemaker and may be impacted: - admet-workbench =0.1.0, =0.4.4, =1.3.24, =0.0.2, =0.1.13, =0.1.0, =0.4.0, =1.0.1, =0.4.0, =0.1.12, =0.1.0, =0.2.7 and more Source cves:...
admet-workbench (>=0.1.0 <=0.1.1), agent-gpt-aws (>=0.4.4 <=0.9.5) +49 more potentially affected by CVE-2026-1778 via sagemaker (=3.10.1)
sagemaker PYPI version =3.10.1 is affected by a known vulnerability. The following packages have a transitive dependency on sagemaker and may be impacted: - admet-workbench =0.1.0, =0.4.4, =1.3.24, =0.0.2, =0.1.13, =0.1.0, =0.4.0, =1.0.1, =0.4.0, =0.1.12, =0.1.0, =0.2.7 and more Source cves:...
CVE-2026-24636
Missing Authorization vulnerability in Syed Balkhi Sugar Calendar Lite sugar-calendar-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sugar Calendar Lite: from n/a through = 3.9.1...