CVSS score: 8.1
MLflow Tracking Server allows remote code execution without login
Exploitation likelihood: 16%
CVE-2026-2033
Summary
Affected: MLflow Tracking Server. Risk: attackers can execute code on your server without a login. To fix: update to the latest version of MLflow Tracking Server or apply patches as recommended by the vendor.
Original title
MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability
Original description
MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of artifact file paths. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-26649.
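The description above attributes the flaw to a user-supplied artifact path reaching file operations without validation (CWE-22). The following is an added example of the kind of confinement check a defender would put in front of any artifact read or write; it is illustrative code written for this page, not MLflow's code and not the vendor's patch. The names `resolve_artifact_path`, `is_safe_artifact_path` and `demo`, and the sample artifact layout that `demo` builds in a temporary directory, are all constructed for the example. The check normalizes separators and `..` segments, rejects absolute paths, and then verifies the fully resolved path (symlinks followed) is still inside the artifact root before returning it.

```python
import posixpath
import tempfile
from pathlib import Path


class ArtifactPathError(ValueError):
    """Raised when a client-supplied artifact path would leave the artifact root."""


def resolve_artifact_path(artifact_root, requested):
    """Map a client-supplied artifact path onto a file under artifact_root.

    Hypothetical helper (not MLflow's API). Returns the resolved Path only if
    it stays inside artifact_root; raises ArtifactPathError otherwise.
    """
    if not requested or "\x00" in requested:
        raise ArtifactPathError("empty or NUL-containing path")

    # Treat backslashes as separators so "..\\" segments get the same scrutiny,
    # then collapse "." and ".." lexically.
    normalized = posixpath.normpath(requested.replace("\\", "/"))
    if posixpath.isabs(normalized) or normalized == ".." or normalized.startswith("../"):
        raise ArtifactPathError(f"path escapes artifact root: {requested!r}")

    # Lexical checks are not enough on their own: a symlink inside the root can
    # still point outside it, so resolve both sides and compare the real paths.
    root = Path(artifact_root).resolve()
    candidate = (root / normalized).resolve()
    if candidate != root and root not in candidate.parents:
        raise ArtifactPathError(f"resolved path leaves artifact root: {requested!r}")
    return candidate


def is_safe_artifact_path(artifact_root, requested):
    """Boolean wrapper around resolve_artifact_path for logging or tests."""
    try:
        resolve_artifact_path(artifact_root, requested)
        return True
    except ArtifactPathError:
        return False


def demo():
    """Build a constructed artifact root in a temp dir and classify sample requests."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp).resolve()
        root = tmp / "artifacts"
        (root / "run1").mkdir(parents=True)
        (root / "run1" / "model.pkl").write_bytes(b"constructed sample artifact")
        (tmp / "secret.txt").write_text("constructed file outside the root")

        # A symlink inside the root pointing outside it (skipped where the
        # platform refuses to create symlinks).
        requests = [
            "run1/model.pkl",          # legitimate artifact
            "run1/./model.pkl",        # harmless "." segment
            "run1/../../secret.txt",   # lexical traversal
            "..\\..\\secret.txt",      # backslash traversal
            "/etc/passwd",             # absolute path
        ]
        try:
            (root / "escape").symlink_to(tmp / "secret.txt")
            requests.append("escape")
        except (OSError, NotImplementedError):
            pass

        return {req: is_safe_artifact_path(root, req) for req in requests}


if __name__ == "__main__":
    for req, ok in demo().items():
        print(f"{'ALLOW' if ok else 'REJECT'}  {req!r}")
```

The order of the two checks matters: the lexical test cheaply rejects obvious traversal and absolute paths before touching the filesystem, while the `resolve()` comparison is the authoritative guard, since it is what catches symlink escapes and any platform-specific path quirk the lexical pass did not anticipate.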
NVD CVSS 3.0 score: 8.1
Vulnerability type: CWE-22 (Path Traversal)
Published: 20 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026