CVEFinder.io

CVE-2026-3198

đŸ”ļ medium
🔍 Scan for this CVE
Summary

MLflow 3.9.0 with basic-auth (`--app-name basic-auth`) fails to enforce authorization checks for multiple Gateway API 'list' endpoints. Specifically, the `BEFORE_REQUEST_HANDLERS` dictionary in `mlflow/server/auth/__init__.py` does not include entries for `ListGatewaySecretInfos`, `ListGatewayEndpoints`, and `ListGatewayModelDefinitions`. This allows any authenticated user, regardless of their assigned permissions, to enumerate all gateway secrets, endpoints, and model definitions. This vulnerab

Description

MLflow 3.9.0 with basic-auth (`--app-name basic-auth`) fails to enforce authorization checks for multiple Gateway API 'list' endpoints. Specifically, the `BEFORE_REQUEST_HANDLERS` dictionary in `mlflow/server/auth/__init__.py` does not include entries for `ListGatewaySecretInfos`, `ListGatewayEndpoints`, and `ListGatewayModelDefinitions`. This allows any authenticated user, regardless of their assigned permissions, to enumerate all gateway secrets, endpoints, and model definitions. This vulnerability exposes sensitive information, such as API keys, endpoint configurations, and proprietary model definitions, to unauthorized users.

CVSS Score
6.5
Medium
EPSS Score
0.0
Exploit Probability
Published Date
2026-06-02
First Seen: 2026-06-03
📊 Relative Risk Intelligence

This CVE is Lower Risk - more severe than 47.8% of all 326,604 vulnerabilities in our database.

#170,379
Below average severity
Severity Percentile
đŸŽ¯ CISA SSVC Assessment Updated: Jun 2, 2026
🔍 Exploitation Status
Poc
Proof-of-concept available
⚙ī¸ Automatable
NO
Requires human interaction
đŸ’Ĩ Technical Impact
Partial
Limited system impact
SSVC data provided by CISA
Last Modified 2026-06-03
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE IDs (Weakness Types)
CWE-284

đŸ“Ļ Affected Products 1

Vendor Product Status Affected Versions
lfprojects mlflow Affected
v3.9.0

🔗 References 1

https://huntr.com/bounties/e57db731-97d3-40c3-a429-8...
Exploit Third Party Advisory

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-10803 ℹī¸ low 3.6 0.0 A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digest_utils of the file mlflo... 2026-06-04
CVE-2026-4035 ⚠ī¸ high 7.7 0.1 A vulnerability in mlflow/mlflow versions prior to 3.11.0 allows for the resolution of environment variables in AI Gatew... 2026-06-03
CVE-2026-2651 ⛔ critical 9.0 0.1 A vulnerability in MLflow versions <=3.10.1.dev0 allows unauthorized access to multipart upload (MPU) endpoints when the... 2026-05-25
CVE-2026-2734 đŸ”ļ medium 6.5 0.0 In mlflow/mlflow versions up to 3.9.0, the `SearchModelVersions` REST API endpoint and the `mlflowSearchModelVersions` G... 2026-05-21
CVE-2026-2611 ⛔ critical 9.6 0.0 In MLflow version 3.9.0, the MLflow Assistant feature introduced improper origin validation in its /ajax-api endpoints. ... 2026-05-19
CVE-2026-4137 ⚠ī¸ high 7.8 0.0 In mlflow/mlflow versions prior to 3.11.0, the `get_or_create_nfs_tmp_dir()` function in `mlflow/utils/file_utils.py` cr... 2026-05-18
These CVEs affect the same products