CVE-2026-3198

MEDIUM 6.5

Improper Access Control in mlflow/mlflow

CVSS Score

6.5

EPSS Score

0.0%

EPSS Percentile

7th

MLflow 3.9.0 with basic-auth (`--app-name basic-auth`) fails to enforce authorization checks for multiple Gateway API 'list' endpoints. Specifically, the `BEFORE_REQUEST_HANDLERS` dictionary in `mlflow/server/auth/__init__.py` does not include entries for `ListGatewaySecretInfos`, `ListGatewayEndpoints`, and `ListGatewayModelDefinitions`. This allows any authenticated user, regardless of their assigned permissions, to enumerate all gateway secrets, endpoints, and model definitions. This vulnerability exposes sensitive information, such as API keys, endpoint configurations, and proprietary model definitions, to unauthorized users.

CWE	CWE-284
Vendor	mlflow
Product	mlflow/mlflow
Published	Jun 2, 2026
Last Updated	Jun 2, 2026

Stay Ahead of the Next One

Get instant alerts for mlflow mlflow/mlflow

Be the first to know when new medium vulnerabilities affecting mlflow mlflow/mlflow are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Versions

mlflow / mlflow/mlflow

unspecified ≤ latest

References

NVD ↗ CVE.org ↗ EPSS Data ↗

huntr.com: https://huntr.com/bounties/e57db731-97d3-40c3-a429-831ee959807f