CVE-2026-3198: MLflow with Basic Auth Fails to Enforce Authorization Checks
Summary
MLflow 3.9.0 with basic authentication does not enforce authorization checks on several Gateway API list endpoints. As a result, any authenticated user can read API keys, endpoint configurations, and model definitions that their assigned permissions should not grant access to. To fix this, update to a newer version of MLflow or apply the relevant patches.
Original title
MLflow 3.9.0 with basic-auth (`--app-name basic-auth`) fails to enforce authorization checks for multiple Gateway API 'list' endpoints. Specifically, the `BEFORE_REQUEST_HANDLERS` dictionary in `ml...
Original description
MLflow 3.9.0 with basic-auth (`--app-name basic-auth`) fails to enforce authorization checks for multiple Gateway API 'list' endpoints. Specifically, the `BEFORE_REQUEST_HANDLERS` dictionary in `mlflow/server/auth/__init__.py` does not include entries for `ListGatewaySecretInfos`, `ListGatewayEndpoints`, and `ListGatewayModelDefinitions`. This allows any authenticated user, regardless of their assigned permissions, to enumerate all gateway secrets, endpoints, and model definitions. This vulnerability exposes sensitive information, such as API keys, endpoint configurations, and proprietary model definitions, to unauthorized users.
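The root cause described above is an authorization table that is consulted before a request is handled but that simply has no entry for some handlers, so those requests pass through unchecked. The following Python is an added illustration, not MLflow's own code: the handler registry, the `User` type, the route strings and the permission names are all constructed for this example. It shows two defensive measures a maintainer would want: a coverage check that fails a test whenever a registered handler has no authorization entry, and a deny-by-default dispatch that refuses a request whose handler has no validator rather than silently allowing it.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Set

# Everything below is constructed for this example. The handler names mirror
# those in the advisory, but the registry, routes and permission names are
# assumptions, not MLflow's actual code or signatures.


@dataclass
class User:
    name: str
    permissions: Set[str] = field(default_factory=set)


# Hypothetical registry of gateway request handlers (handler name -> route).
GATEWAY_HANDLERS: Dict[str, str] = {
    "CreateGatewaySecret": "/api/gateway/secrets/create",
    "ListGatewaySecretInfos": "/api/gateway/secrets/list",
    "ListGatewayEndpoints": "/api/gateway/endpoints/list",
    "ListGatewayModelDefinitions": "/api/gateway/model-definitions/list",
}

Validator = Callable[[User], bool]


def _require(permission: str) -> Validator:
    """Build a validator that checks for one named permission."""
    return lambda user: permission in user.permissions


# Authorization table with the same shape as the gap the advisory describes:
# the three 'list' handlers are registered as routes but have no entry here.
BEFORE_REQUEST_HANDLERS: Dict[str, Validator] = {
    "CreateGatewaySecret": _require("gateway:manage"),
}


def unprotected_handlers(handlers: Dict[str, str],
                         validators: Dict[str, Validator]) -> List[str]:
    """Return handler names that are routed but absent from the auth table.

    Run this from a unit test so a new handler cannot ship without a validator.
    """
    return sorted(name for name in handlers if name not in validators)


def authorize(handler_name: str, user: User,
              validators: Dict[str, Validator]) -> bool:
    """Deny-by-default dispatch.

    A handler with no validator is refused instead of being passed through,
    which closes the failure mode the advisory describes.
    """
    validator = validators.get(handler_name)
    if validator is None:
        return False
    return validator(user)


def patched_validators() -> Dict[str, Validator]:
    """Corrected table: every registered handler has an explicit validator."""
    fixed = dict(BEFORE_REQUEST_HANDLERS)
    for name in ("ListGatewaySecretInfos",
                 "ListGatewayEndpoints",
                 "ListGatewayModelDefinitions"):
        fixed[name] = _require("gateway:read")
    return fixed


if __name__ == "__main__":
    print("unprotected:", unprotected_handlers(GATEWAY_HANDLERS, BEFORE_REQUEST_HANDLERS))
    print("after fix:  ", unprotected_handlers(GATEWAY_HANDLERS, patched_validators()))
```

The coverage check is the cheap, high-value part: it turns "a handler was forgotten in the table" from a silent authorization bypass into a failing test at review time. The deny-by-default dispatch is the backstop for the case where the test is itself missing or skipped.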
NVD CVSS 3.0 score: 6.5
Vulnerability type: CWE-284 (Improper Access Control)
Published: 2 Jun 2026 · Updated: 2 Jun 2026 · First seen: 2 Jun 2026