AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2025-1473: A Cross-Site Request Forgery (CSRF) vulnerability exists in the Signup feature of mlflow/mlflow versions 2.17.0 to 2.20.

highvulnerability

security

Source: NVD/CVE DatabaseMarch 20, 2025CVE-2025-1473

Summary

A CSRF vulnerability (cross-site request forgery, where an attacker tricks a user into performing unwanted actions on a website) exists in the Signup feature of MLflow versions 2.17.0 to 2.20.1, allowing attackers to create unauthorized accounts. This could enable an attacker to perform malicious actions while appearing to be a legitimate user.

Solution / Mitigation

A patch is available at https://github.com/mlflow/mlflow/commit/ecfa61cb43d3303589f3b5834fd95991c9706628.

Vulnerability Details

CVSS Score

7.1(high)

EPSS (30-day exploit probability)

EPSS: 0.1%

Classification

Attack Type

Other

Attack SophisticationTrivial

Impact (CIA+S)

integrity

AI Component TargetedFramework

Taxonomy References

CWE (Weakness Type)

CWE-352

Affected Vendors

Related Issues

high

CVE-2022-21727: Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `Dequantize` is vulne

Similar attackNVD/CVE Database

critical

CVE-2026-22252: LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChat's MCP stdio transport accepts arbi

First tracked: February 15, 2026 at 08:46 PM

Classified by LLM (prompt v3) · confidence: 85%