CVE-2026-33866: MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint used to download saved model artifacts. Due
Summary
MLflow has a security flaw called an authorization bypass (a weakness where access controls are not properly checked) in its AJAX endpoint (a web interface used to download model files) that allows users without permission to download saved model artifacts they shouldn't be able to access. This affects MLflow versions up to 3.10.1 and has a CVSS score (a 0-10 rating of severity) of 5.3, considered medium severity.
Vulnerability Details
EPSS: 0.0%
April 7, 2026
Classification
Affected Vendors
Related Issues
CVE-2025-45150: Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive
CVE-2025-54868: LibreChat is a ChatGPT clone with additional features. In versions 0.0.6 through 0.7.7-rc1, an exposed testing endpoint
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-33866
First tracked: April 7, 2026 at 02:08 PM
Classified by LLM (prompt v3) · confidence: 92%