High severity · NVD Advisory · Published Oct 29, 2025 · Updated Feb 26, 2026
MLflow Weak Password Requirements Authentication Bypass Vulnerability
CVE-2025-11200
Description
MLflow Weak Password Requirements Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of passwords. The issue results from weak password requirements. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-26916.
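The weakness described above is a password policy that existed only as a client-side form hint (the sign-up page's `minlength`), so any client that reached the user-creation API directly was bound by nothing stronger. The block below is an added example, not MLflow's own code: it shows the server-side policy check that closes that gap, with the type check the fix's title promises and an error message that agrees with the length it actually enforces. The names `InvalidParameterValue`, `is_acceptable`, `hash_password` and the `users` dict are assumptions made for the example; MLflow's real store and exception types differ.

```python
from __future__ import annotations

import hashlib
import os

# The fix raises the minimum from 4 (enforced only in the HTML form) to 12.
MIN_PASSWORD_LENGTH = 12


class InvalidParameterValue(ValueError):
    """Stand-in for MlflowException.invalid_parameter_value (hypothetical name)."""


def validate_password(password: object) -> str:
    """Accept only a str of at least MIN_PASSWORD_LENGTH characters.

    Runs on the server, so it binds every client that talks to the API,
    not just the sign-up form with its minlength attribute. The message
    agrees with the check: a 12-character password is accepted.
    """
    if not isinstance(password, str):
        raise InvalidParameterValue("Password must be a string.")
    if len(password) < MIN_PASSWORD_LENGTH:
        raise InvalidParameterValue(
            f"Password must be at least {MIN_PASSWORD_LENGTH} characters."
        )
    return password


def is_acceptable(password: object) -> bool:
    """Boolean wrapper around validate_password for reports and tests."""
    try:
        validate_password(password)
    except InvalidParameterValue:
        return False
    return True


def hash_password(password: str, salt: bytes | None = None) -> tuple[bytes, bytes]:
    """Salted PBKDF2-HMAC-SHA256 from the stdlib, standing in for the
    werkzeug generate_password_hash call used in the real store."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
    return salt, digest


def create_user(users: dict[str, tuple[bytes, bytes]], username: str, password: object) -> None:
    """Validate first, hash second: the order the fix introduces in create_user,
    so an invalid password never reaches the hashing or storage step."""
    if not username:
        raise InvalidParameterValue("Username cannot be empty.")
    users[username] = hash_password(validate_password(password))


if __name__ == "__main__":
    # Constructed sample inputs: "pass" satisfied the old form-only minimum of 4;
    # the new default admin credential in the fix is exactly 12 characters.
    for candidate in ["pass", "elevenchars", "password1234", None, 123456789012]:
        verdict = "accepted" if is_acceptable(candidate) else "rejected"
        print(f"{candidate!r:>16} -> {verdict}")
```

The point of `is_acceptable(123456789012)` being false is the type check: a JSON body can carry a number where a string is expected, and `len()` on a non-string either fails or measures the wrong thing, so the check rejects non-`str` values before measuring length.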
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| mlflow (PyPI) | < 2.22.0rc0 | 2.22.0rc0 |
Patches (1)
1f74f3f24d82: Validate auth password to be string longer than 8 chars (#15287)
6 files changed · +14 −5
mlflow/server/auth/basic_auth.ini+1 −1 modified@@ -2,5 +2,5 @@ default_permission = READ database_uri = sqlite:///basic_auth.db admin_username = admin -admin_password = password +admin_password = password1234 authorization_function = mlflow.server.auth:authenticate_request_basic_auth
mlflow/server/auth/__init__.py+1 −1 modified@@ -782,7 +782,7 @@ def signup(): <br> <label for="password">Password:</label> <br> - <input type="password" id="password" name="password" minlength="4"> + <input type="password" id="password" name="password" minlength="12"> <br> <br> <input type="submit" value="Sign up">
mlflow/server/auth/sqlalchemy_store.py+2 −1 modified@@ -20,7 +20,7 @@ from mlflow.server.auth.permissions import _validate_permission from mlflow.store.db.utils import _get_managed_session_maker, create_sqlalchemy_engine_with_retry from mlflow.utils.uri import extract_db_type_from_uri -from mlflow.utils.validation import _validate_username +from mlflow.utils.validation import _validate_password, _validate_username class SqlAlchemyStore: @@ -42,6 +42,7 @@ def authenticate_user(self, username: str, password: str) -> bool: def create_user(self, username: str, password: str, is_admin: bool = False) -> User: _validate_username(username) + _validate_password(password) pwhash = generate_password_hash(password) with self.ManagedSessionMaker() as session: try:
mlflow/utils/validation.py+7 −0 modified@@ -623,6 +623,13 @@ def _validate_username(username): raise MlflowException("Username cannot be empty.", INVALID_PARAMETER_VALUE) +def _validate_password(password) -> None: + if password is None or len(password) < 12: + raise MlflowException.invalid_parameter_value( + "Password must be a string longer than 12 characters." + ) + + def _validate_trace_tag(key, value): _validate_tag_name(key) key = _validate_length_limit("key", MAX_TRACE_TAG_KEY_LENGTH, key)
tests/helper_functions.py+1 −1 modified@@ -52,7 +52,7 @@ def random_int(lo=1, hi=1e10): return random.randint(lo, hi) -def random_str(size=10): +def random_str(size=12): msg = ( "UUID4 generated strings have a high potential for collision at small sizes. " "10 is set as the lower bounds for random string generation to prevent non-deterministic "
tests/server/auth/test_auth.py+2 −1 modified@@ -345,7 +345,8 @@ def test_create_and_delete_registered_model(client, monkeypatch): response = requests.get( url=client.tracking_uri + GET_REGISTERED_MODEL_PERMISSION, params={"name": rm.name, "username": username1}, - auth=("admin", "password"), # Check with admin because the user permission is deleted + # Check with admin because the user permission is deleted + auth=("admin", "password1234"), ) assert response.status_code == 404
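Review bot: in the basic_auth.ini hunk, `admin_password = password1234` still ships a fixed, documented default credential for the admin account; it now satisfies the 12-character minimum but is no less predictable than `password`. Suggest the server refuse to start (or log a prominent warning) while the admin password equals the shipped default, and document in the ini file that it must be rotated before exposing the tracking server.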
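Review bot: in the `__init__.py` signup hunk, raising the form's `minlength` from 4 to 12 is a usability change only; the browser attribute is not a security control, and the server-side `_validate_password` call in `create_user` is what actually enforces the policy. Worth a comment next to the input so the two numbers stay in sync when one is changed.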
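Review bot: in the validation.py hunk, the message and the check disagree, and the type check named in the commit title is missing. `len(password) < 12` accepts a 12-character password, while the message says "longer than 12 characters" (and the title says "longer than 8 chars"); also, a non-string value such as a JSON number is not rejected as a string problem, it reaches `len()` and fails with a TypeError instead of an `MlflowException`. Suggest:

`if not isinstance(password, str) or len(password) < 12:`
`    raise MlflowException.invalid_parameter_value("Password must be a string of at least 12 characters.")`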
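Review bot: in the helper_functions.py hunk, `random_str(size=12)` leaves the docstring-style message below it stale: it still says "10 is set as the lower bounds for random string generation". Update the text to 12 (and say why, i.e. the new password minimum) so the helper's contract matches its default.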
References
- github.com/advisories/GHSA-6xj8-rrqx-r4cv (ghsa, ADVISORY)
- github.com/mlflow/mlflow/commit/1f74f3f24d8273927b8db392c23e108576936c54 (ghsa, vendor-advisory, WEB)
- nvd.nist.gov/vuln/detail/CVE-2025-11200 (ghsa, ADVISORY)
- www.zerodayinitiative.com/advisories/ZDI-25-932/ (mitre, x_research-advisory)
- www.zerodayinitiative.com/advisories/ZDI-25-932 (ghsa, WEB)