Medium severity6.5NVD Advisory· Published Jun 2, 2026· Updated Jun 3, 2026
CVE-2026-3198
CVE-2026-3198
Description
MLflow 3.9.0 with basic-auth (--app-name basic-auth) fails to enforce authorization checks for multiple Gateway API 'list' endpoints. Specifically, the BEFORE_REQUEST_HANDLERS dictionary in mlflow/server/auth/__init__.py does not include entries for ListGatewaySecretInfos, ListGatewayEndpoints, and ListGatewayModelDefinitions. This allows any authenticated user, regardless of their assigned permissions, to enumerate all gateway secrets, endpoints, and model definitions. This vulnerability exposes sensitive information, such as API keys, endpoint configurations, and proprietary model definitions, to unauthorized users.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
1- huntr.com/bounties/e57db731-97d3-40c3-a429-831ee959807fnvdExploitThird Party Advisory
News mentions
1- MLflow: Critical Credential Leakage Flaw Disclosed Alongside Two Other VulnerabilitiesVypr Intelligence · Jun 4, 2026