High severity7.1NVD Advisory· Published Mar 27, 2026· Updated Apr 28, 2026
CVE-2025-15381
CVE-2025-15381
Description
In the latest version of mlflow/mlflow, when the basic-auth app is enabled, tracing and assessment endpoints are not protected by permission validators. This allows any authenticated user, including those with NO_PERMISSIONS on the experiment, to read trace information and create assessments for traces they should not have access to. This vulnerability impacts confidentiality by exposing trace metadata and integrity by allowing unauthorized creation of assessments. Deployments using mlflow server --app-name=basic-auth are affected.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
mlflowPyPI | <= 3.8.1 | — |
Affected products
1- cpe:2.3:a:lfprojects:mlflow:-:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- github.com/advisories/GHSA-g6pg-52vf-843hghsaADVISORY
- huntr.com/bounties/149fb2f9-ef4b-4136-a25c-20563451904cnvdThird Party AdvisoryExploitWEB
- nvd.nist.gov/vuln/detail/CVE-2025-15381ghsaADVISORY
- github.com/mlflow/mlflow/blob/b569ebc74c14af593c326143bee2df44a5d59edf/mlflow/server/auth/__init__.pyghsaWEB
News mentions
0No linked articles in our index yet.