How many CVEs does mlflow mlflow have?

mlflow mlflow has 59 published CVE records since 2022.

How many mlflow mlflow CVEs are in CISA KEV?

None of mlflow mlflow's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.

Are there public exploits for mlflow mlflow vulnerabilities?

Yes — 31 of mlflow mlflow's CVEs have a known public exploit.

Which versions of mlflow mlflow are affected?

107 distinct mlflow mlflow versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.

What are the most common weakness types in mlflow mlflow CVEs?

mlflow mlflow's CVEs most often map to these CWE weakness types: CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')), CWE-29 (Path Traversal: '\..\filename'), CWE-502 (Deserialization of Untrusted Data), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')).

How many critical mlflow mlflow vulnerabilities are there?

mlflow mlflow has 14 critical and 33 high-severity CVEs.

What is the average severity of mlflow mlflow CVEs?

The average CVSS base score across mlflow mlflow's scored CVEs is 7.9.

mlflow Vulnerabilities: CVEs, CISA KEV & Security Advisories

Severity and exploitation

How the CVSS severity of mlflow's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical14

High33

Medium9

Low2

1 additional CVE has no CVSS severity score.

In CISA’s Known Exploited Vulnerabilities catalog

None of mlflow's CVEs are currently listed in CISA's KEV catalog.

Public exploits

31 of mlflow's CVEs have a known public exploit available.

Affected versions and CVEs

Browse every mlflow version named in a CVE, then pick one to see only the CVEs that affect it.

Specific versions

1.0.041 CVEs
v1.7.041 CVEs
v0.2.040 CVEs
v0.2.140 CVEs
v0.3.040 CVEs
v0.4.040 CVEs
v0.4.140 CVEs
v0.4.240 CVEs
v0.5.040 CVEs
v0.6.040 CVEs
v0.740 CVEs
v0.8.040 CVEs
v0.8.140 CVEs
v2.2.037 CVEs
v2.9.012 CVEs
v2.9.112 CVEs
v2.11.03 CVEs
v2.11.13 CVEs
v2.11.23 CVEs
v2.9.23 CVEs
v3.0.03 CVEs
nightly2 CVEs
v2.3.02 CVEs
v2.8.02 CVEs
3.01 CVE
3.11 CVE
3.10.01 CVE
3.21 CVE
3.31 CVE
3.41 CVE
3.51 CVE
3.61 CVE
3.71 CVE
3.81 CVE
3.91 CVE
v1.23.01 CVE
v2.0.01 CVE
v2.13.01 CVE
v2.13.11 CVE
v2.13.21 CVE
v2.15.01 CVE
v2.15.0rc01 CVE
v2.15.11 CVE
v2.17.01 CVE
v2.17.0rc01 CVE
v2.17.11 CVE
v2.17.21 CVE
v2.19.0rc01 CVE
v2.2.11 CVE
v2.21.01 CVE
v2.21.0rc01 CVE
v2.8.11 CVE

Version ranges

<= 3.10.12 CVEs
1.1.0 <= v <= *2 CVEs
< 2.6.01 CVE
< 2.9.21 CVE
>= 2.21.01 CVE
>= 2.21.31 CVE
>= 3.4.01 CVE
0.5.0 <= v <= *1 CVE
0.9.0 <= v <= *1 CVE
1.11.0 <= v <= *1 CVE
1.23.0 <= v <= *1 CVE
1.24.0 <= v <= *1 CVE
1.27.0 <= v <= *1 CVE
2.0.0rc0 <= v <= *1 CVE

Fixed in

6ca72469b289e77acc2f1201ca39237fc025c0909 CVEs
328242e01b766129396415be219cb961270975014 CVEs
d41c7751b71635815a95999acb5524f4dd7c9b093 CVEs
> 3.10.12 CVEs
1da75dfcecd4d169e34809ade55748384e8af6c12 CVEs
95dc31995ed488a6c8486e919a6116a84502be402 CVEs
07fdad09eabc63f39069de1ab4cf561da306159f1 CVE
149c9e18aa219bc47e86b432e130e467a36f4a171 CVE
1c6309f884798fbf56017a3cc808016869ee8de41 CVE
1d7c8d4cf0a67d407499a8a4ffac387ea4f8194a1 CVE
1f74f3f24d8273927b8db392c23e108576936c541 CVE

Find a version

59 CVEs

Sort

MLflow Dataset Digest Computation digest_utils.py mlflow.data.digest_utils weak hash
CVE-2026-10803
Public exploit
Patch
CWE-328
Low · CVSS 3.6
EPSS 0.0% (0th pct)2026-06-04
Authorization Bypass in MLflow AJAX Endpoint
CVE-2026-33866
Public exploit
Patch
CWE-862
Medium · CVSS 5.3
EPSS 0.0% (1th pct)2026-04-07
Stored XSS via unsafe YAML parsing in MLflow
CVE-2026-33865
Public exploit
Patch
CWE-79
Medium · CVSS 5.1
EPSS 0.0% (2th pct)2026-04-07
MLflow Use of Default Password Authentication Bypass Vulnerability
CVE-2026-2635
Patch
CWE-1393
Critical · CVSS 9.8
EPSS 1.5% (82th pct)2026-02-20
MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability
CVE-2026-2033
Patch
CWE-22
High · CVSS 8.1
EPSS 14.4% (95th pct)2026-02-20
Privilege Escalation in mlflow/mlflow
CVE-2025-10279
Public exploit
Patch
CWE-379
High · CVSS 7.0
EPSS 0.0% (1th pct)2026-02-02
DNS Rebinding Vulnerability in mlflow/mlflow
CVE-2025-14279
Patch
CWE-346
High · CVSS 8.1
EPSS 0.0% (6th pct)2026-01-12
MLflow Weak Password Requirements Authentication Bypass Vulnerability
CVE-2025-11200
Patch
CWE-521
High · CVSS 8.1
EPSS 0.3% (55th pct)2025-10-29
MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability
CVE-2025-11201
Patch
CWE-22
High · CVSS 8.1
EPSS 17.9% (95th pct)2025-10-29
Medium vulnerability · 2025-06-23
CVE-2025-52967
Patch
CWE-918
Medium · CVSS 5.8
EPSS 0.2% (48th pct)2025-06-23
Denial of Service through Batched Queries in GraphQL in mlflow/mlflow
CVE-2025-0453
Public exploit
Patch
CWE-410
Medium · CVSS 5.9
EPSS 0.3% (56th pct)2025-03-20
Weak Password Requirements in mlflow/mlflow
CVE-2025-1474
Public exploit
Patch
CWE-521
Low · CVSS 3.8
EPSS 0.1% (28th pct)2025-03-20
CSRF in mlflow/mlflow
CVE-2025-1473
Public exploit
Patch
CWE-352
Medium · CVSS 5.4
EPSS 0.2% (37th pct)2025-03-20
Path Traversal in mlflow/mlflow
CVE-2024-8859
Public exploit
Patch
CWE-29
High · CVSS 7.5
EPSS 25.7% (96th pct)2025-03-20
Medium vulnerability · 2025-03-20
CVE-2024-6838
Public exploit
Patch
CWE-400
Medium · CVSS 5.3
EPSS 0.6% (69th pct)2025-03-20
High vulnerability · 2024-11-25
CVE-2024-27134
Patch
CWE-367
High · CVSS 7.0
EPSS 0.0% (9th pct)2024-11-25
Local File Inclusion (LFI) via URI Fragment Parsing in mlflow/mlflow
CVE-2024-2928
Patch
CWE-29
High · CVSS 7.5
EPSS 91.2% (100th pct)2024-06-06
Remote Code Execution due to Full Controlled File Write in mlflow/mlflow
CVE-2024-0520
Public exploit
Patch
CWE-22
Critical · CVSS 10.0
EPSS 4.9% (90th pct)2024-06-06
High vulnerability · 2024-06-04
CVE-2024-37061
Public exploit
Patch
CWE-94
High · CVSS 8.8
EPSS 3.9% (89th pct)2024-06-04
High vulnerability · 2024-06-04
CVE-2024-37060
Patch
CWE-502
High · CVSS 8.8
EPSS 0.4% (60th pct)2024-06-04
High vulnerability · 2024-06-04
CVE-2024-37059
Patch
CWE-502
High · CVSS 8.8
EPSS 0.4% (64th pct)2024-06-04
High vulnerability · 2024-06-04
CVE-2024-37058
Public exploit
Patch
CWE-502
High · CVSS 8.8
EPSS 0.4% (61th pct)2024-06-04
High vulnerability · 2024-06-04
CVE-2024-37057
Public exploit
Patch
CWE-502
High · CVSS 8.8
EPSS 0.4% (64th pct)2024-06-04
High vulnerability · 2024-06-04
CVE-2024-37056
Patch
CWE-502
High · CVSS 8.8
EPSS 0.4% (61th pct)2024-06-04
High vulnerability · 2024-06-04
CVE-2024-37055
Patch
CWE-502
High · CVSS 8.8
EPSS 0.4% (64th pct)2024-06-04
High vulnerability · 2024-06-04
CVE-2024-37054
Patch
CWE-502
High · CVSS 8.8
EPSS 0.2% (44th pct)2024-06-04
High vulnerability · 2024-06-04
CVE-2024-37053
Patch
CWE-502
High · CVSS 8.8
EPSS 0.4% (64th pct)2024-06-04
High vulnerability · 2024-06-04
CVE-2024-37052
Patch
CWE-502
High · CVSS 8.8
EPSS 0.3% (56th pct)2024-06-04
Medium vulnerability · 2024-05-16
CVE-2024-4263
Patch
CWE-284
Medium · CVSS 5.4
EPSS 0.1% (20th pct)2024-05-16
High vulnerability · 2024-05-16
CVE-2024-3848
Public exploit
Patch
CWE-29
High · CVSS 7.5
EPSS 76.1% (99th pct)2024-05-16

Showing 30 of 59

Severity and exploitation

Affected versions and CVEs

Specific versions

Version ranges

Fixed in

mlflow Vulnerabilities

Overview

Severity and exploitation

Affected versions and CVEs

Specific versions

Version ranges

Fixed in

Common weakness types

Disclosure activity by year

Other mlflow products

Frequently asked questions

How many CVEs does mlflow mlflow have?

How many mlflow mlflow CVEs are in CISA KEV?

Are there public exploits for mlflow mlflow vulnerabilities?

Which versions of mlflow mlflow are affected?

What are the most common weakness types in mlflow mlflow CVEs?

How many critical mlflow mlflow vulnerabilities are there?

What is the average severity of mlflow mlflow CVEs?

References

Track mlflow vulnerabilities