CVE-2026-2614: A vulnerability in the `_create_model_version()` handler of `mlflow/server/handlers.py` in mlflow/mlflow versions 3.9.0
Summary
MLflow versions 3.9.0 and earlier contain a vulnerability where unauthenticated attackers can read arbitrary files from a server by exploiting a flaw in the `_create_model_version()` handler (a function that processes requests to create new model versions). An attacker can trick the system into storing any file path from the server's filesystem by using a special tag in their request, and then retrieve those files through a different function that doesn't properly check permissions.
Solution / Mitigation
This issue is fixed in version 3.10.0.
Vulnerability Details
EPSS: 0.0%
May 11, 2026
Classification
Affected Vendors
Related Issues
CVE-2025-45150: Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive
CVE-2022-29200: TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implem
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-2614
First tracked: May 12, 2026 at 02:12 AM
Classified by LLM (prompt v3) · confidence: 95%