CVE-2025-15381 HIGH

CVE-2025-15381: Unauthorized Access to Tracing and Assessment Endpoints in mlflow/mlflow

Vendor Mlflow
Product mlflow/mlflow
Weakness CWE-200 · Info exposure
Published March 27, 2026
Last update June 30, 2026

CVSS base score

8.1/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

What the vulnerability does

Description

In the latest version of mlflow/mlflow, when the `basic-auth` app is enabled, tracing and assessment endpoints are not protected by permission validators. This allows any authenticated user, including those with `NO_PERMISSIONS` on the experiment, to read trace information and create assessments for traces they should not have access to. This vulnerability impacts confidentiality by exposing trace metadata and integrity by allowing unauthorized creation of assessments. Deployments using `mlflow server --app-name=basic-auth` are affected.
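The defect the description names, a route-to-validator table that simply omits the tracing and assessment endpoints, is an instance of a fail-open authorization dispatcher. The following added Python model (not MLflow's code) shows that shape beside two independent fixes, registering validators for the missing endpoints and making the dispatcher default-deny; the permission levels READ, EDIT and MANAGE are assumed from MLflow basic-auth's documentation, and the route paths, ACL and trace data are constructed.

```python
from dataclasses import dataclass
# Permission levels as MLflow basic-auth names them (READ/EDIT/MANAGE assumed
# from its docs; NO_PERMISSIONS is the level the advisory mentions).
NO_PERMISSIONS, READ, EDIT, MANAGE = "NO_PERMISSIONS", "READ", "EDIT", "MANAGE"
CAN_READ = {READ, EDIT, MANAGE}
CAN_UPDATE = {EDIT, MANAGE}
# Constructed sample data: per-experiment ACL, and which experiment owns a trace.
EXPERIMENT_ACL = {"7": {"alice": MANAGE, "bob": NO_PERMISSIONS}}
TRACE_EXPERIMENT = {"tr-1": "7"}

@dataclass
class Request:
    user: str
    method: str
    path: str
    trace_id: str = ""

def _experiment_permission(req: Request) -> str:
    """Resolve the caller's permission on the experiment that owns the trace."""
    experiment_id = TRACE_EXPERIMENT.get(req.trace_id, "")
    return EXPERIMENT_ACL.get(experiment_id, {}).get(req.user, NO_PERMISSIONS)

def can_read_trace(req: Request) -> bool:
    return _experiment_permission(req) in CAN_READ

def can_create_assessment(req: Request) -> bool:
    return _experiment_permission(req) in CAN_UPDATE

# Hypothetical route table in the vulnerable shape: the trace and assessment
# endpoints are simply not registered, so no validator ever runs for them.
VULNERABLE_ROUTES = {
    ("GET", "/experiments/get"): lambda r: True,  # stands in for other checks
}
# Fix 1: register validators for the missing endpoints (paths are hypothetical).
FIXED_ROUTES = {
    **VULNERABLE_ROUTES,
    ("GET", "/traces/info"): can_read_trace,
    ("POST", "/traces/assessments"): can_create_assessment,
}

def authorize_fail_open(routes: dict, req: Request) -> bool:
    """Vulnerable dispatcher: an unmapped route has no validator and is allowed."""
    validator = routes.get((req.method, req.path))
    return validator(req) if validator else True

def authorize_default_deny(routes: dict, req: Request) -> bool:
    """Fix 2: an unmapped route is denied, so a missed registration fails closed."""
    validator = routes.get((req.method, req.path))
    return validator is not None and validator(req)
```

Either fix alone stops the NO_PERMISSIONS user from reading the trace or creating an assessment; applying both means a future endpoint added without a validator is denied rather than silently exposed.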

Key dates

Disclosure timeline

March 27, 2026 CVE published
June 30, 2026 Record updated