PYSEC-2026-1648

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/mlflow/PYSEC-2026-1648.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-1648
Aliases
Published
2026-07-07T11:45:44.933371Z
Modified
2026-07-07T17:57:00.715907729Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
MLFlow unsafe deserialization
Details

Deserialization of untrusted data can occur in versions of the MLflow platform running version 2.5.0 or newer, enabling a maliciously uploaded Langchain AgentExecutor model to run arbitrary code on an end user’s system when interacted with.

References

Affected packages

PyPI / mlflow

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.5.0
Last affected
2.14.1

Affected versions

2.*
2.5.0
2.6.0
2.7.0
2.7.1
2.8.0
2.8.1
2.9.0
2.9.1
2.9.2
2.10.0
2.10.1
2.10.2
2.11.0
2.11.1
2.11.2
2.11.3
2.11.4
2.12.0
2.12.1
2.12.2
2.13.0
2.13.1
2.13.2
2.14.0rc0
2.14.0
2.14.1

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/mlflow/PYSEC-2026-1648.yaml"