CVE-2026-3198

Source
https://cve.org/CVERecord?id=CVE-2026-3198
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-3198.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-3198
Aliases
Published
2026-06-02T02:50:47.890Z
Modified
2026-07-13T16:42:37.733340178Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
Improper Access Control in mlflow/mlflow
Details

MLflow 3.9.0 with basic-auth (--app-name basic-auth) fails to enforce authorization checks for multiple Gateway API 'list' endpoints. Specifically, the BEFORE_REQUEST_HANDLERS dictionary in mlflow/server/auth/__init__.py does not include entries for ListGatewaySecretInfos, ListGatewayEndpoints, and ListGatewayModelDefinitions. This allows any authenticated user, regardless of their assigned permissions, to enumerate all gateway secrets, endpoints, and model definitions. This vulnerability exposes sensitive information, such as API keys, endpoint configurations, and proprietary model definitions, to unauthorized users.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/3xxx/CVE-2026-3198.json",
    "cwe_ids": [
        "CWE-284"
    ],
    "cna_assigner": "@huntr_ai"
}
References

Affected packages

Git / github.com/mlflow/mlflow

Affected ranges

Type
GIT
Repo
https://github.com/mlflow/mlflow
Events
Database specific
{
    "source": "CPE_STRING",
    "cpe": "cpe:2.3:a:lfprojects:mlflow:3.9.0:-:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "3.9.0-NA"
        },
        {
            "last_affected": "3.9.0-NA"
        }
    ]
}

Affected versions

3.*
3.9.0-NA
v3.*
v3.9.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-3198.json"