{"data":{"id":"cdc30758-e5a8-4348-9e1b-8c8a7c6f00b3","title":"CVE-2026-4137: In mlflow/mlflow versions prior to 3.11.0, the `get_or_create_nfs_tmp_dir()` function in `mlflow/utils/file_utils.py` creates temporary directories with overly permissive permissions","summary":"MLflow versions before 3.11.0 create temporary directories with overly permissive permissions (world-writable or group-writable), allowing local attackers to modify model files and execute arbitrary code when those files are loaded. This is especially dangerous in shared environments such as Databricks, where multiple users access the same network storage.","solution":"Update MLflow to version 3.11.0 or later.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-4137","publishedAt":"2026-05-18T21:16:40.710Z","cveId":"CVE-2026-4137","cweIds":["CWE-378"],"cvssScore":null,"cvssSeverity":null,"severity":"critical","attackType":["model_poisoning","supply_chain"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["HuggingFace"],"affectedVendorsRaw":["MLflow","Databricks"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-05-18T21:16:40.710Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","confidentiality","availability"],"aiComponentTargeted":"training_data","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}