CVE-2026-33865 MEDIUM

CVE-2026-33865: Stored XSS via unsafe YAML parsing in MLflow

Vendor Mlflow
Product Mlflow
Weakness CWE-79 · XSS
Published April 7, 2026
Last update April 14, 2026

CVSS base score

5.1/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N

What the vulnerability does

01Description

MLflow is vulnerable to Stored Cross-Site Scripting (XSS) caused by unsafe parsing of YAML-based MLmodel artifacts in its web interface. An authenticated attacker can upload a malicious MLmodel file containing a payload that executes when another user views the artifact in the UI. This allows actions such as session hijacking or performing operations on behalf of the victim. This issue affects MLflow version through 3.10.1

Key dates

02Disclosure timeline

April 7, 2026 CVE published
April 14, 2026 Record updated