CVE-2026-8147: In MLflow versions prior to 3.14.0, when running with authentication enabled, the trace API endpoints lack proper author
Summary
MLflow versions before 3.14.0 have a security flaw where trace API endpoints (tools for tracking AI model operations) don't properly check user permissions when authentication is turned on, allowing any logged-in user to read, delete, or modify traces they shouldn't have access to. The problem occurs because the `_before_request` handler (code that runs before processing requests) doesn't validate permissions for trace endpoints. This could lead to sensitive data leaks, destroyed audit logs (records of what happened), and unauthorized changes.
Vulnerability Details
EPSS: 0.3%
July 2, 2026
Classification
Taxonomy References
Affected Vendors
Related Issues
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-8147
First tracked: July 2, 2026 at 08:09 PM
Classified by LLM (prompt v3) · confidence: 95%