PYSEC-2026-1656

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/mlflow/PYSEC-2026-1656.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-1656
Aliases
Published
2026-07-07T16:03:18.008873Z
Modified
2026-07-07T17:56:18.060826978Z
Severity
  • 8.1 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N CVSS Calculator
Summary
MLFlow is vulnerable to DNS rebinding attacks due to a lack of Origin header validation
Details

MLFlow versions up to and including 3.4.0 are vulnerable to DNS rebinding attacks due to a lack of Origin header validation in the MLFlow REST server. This vulnerability allows malicious websites to bypass Same-Origin Policy protections and execute unauthorized calls against REST endpoints. An attacker can query, update, and delete experiments via the affected endpoints, leading to potential data exfiltration, destruction, or manipulation. The issue is resolved in version 3.5.0.

References

Affected packages

PyPI / mlflow

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.5.0

Affected versions

0.*
0.0.1
0.1.0
0.2.0
0.2.1
0.3.0
0.4.0
0.4.1
0.4.2
0.5.0
0.5.1
0.5.2
0.6.0
0.7.0
0.8.0
0.8.1
0.8.2
0.9.0
0.9.0.1
0.9.1
1.*
1.0.0
1.1.0
1.1.1.dev0
1.2.0
1.3.0
1.4.0
1.5.0
1.6.0
1.7.0
1.7.1
1.7.2
1.8.0
1.9.0
1.9.1
1.10.0
1.11.0
1.12.0
1.12.1
1.13
1.13.1
1.14.0
1.14.1
1.15.0
1.16.0
1.17.0
1.18.0
1.19.0
1.20.0
1.20.1
1.20.2
1.21.0
1.22.0
1.23.0
1.23.1
1.24.0
1.25.0
1.25.1
1.26.0
1.26.1
1.27.0
1.28.0
1.29.0
1.30.0
1.30.1
2.*
2.0.0rc0
2.0.0
2.0.1
2.1.0
2.1.1
2.2.0
2.2.1
2.2.2
2.3.0
2.3.1
2.3.2
2.4.0
2.4.1
2.4.2
2.5.0
2.6.0
2.7.0
2.7.1
2.8.0
2.8.1
2.9.0
2.9.1
2.9.2
2.10.0
2.10.1
2.10.2
2.11.0
2.11.1
2.11.2
2.11.3
2.11.4
2.12.0
2.12.1
2.12.2
2.13.0
2.13.1
2.13.2
2.14.0rc0
2.14.0
2.14.1
2.14.2.dev0
2.14.2
2.14.3
2.15.0rc0
2.15.0
2.15.1
2.16.0
2.16.1
2.16.2
2.17.0rc0
2.17.0
2.17.1
2.17.2
2.18.0rc0
2.18.0
2.19.0rc0
2.19.0
2.20.0rc0
2.20.0
2.20.1
2.20.2
2.20.3
2.20.4
2.21.0rc0
2.21.0
2.21.1
2.21.2
2.21.3
2.22.0rc0
2.22.0
2.22.1
2.22.2
2.22.3
2.22.4
2.22.5
3.*
3.0.0rc0
3.0.0rc1
3.0.0rc2
3.0.0rc3
3.0.0
3.0.1
3.1.0rc0
3.1.0
3.1.1
3.1.2
3.1.3
3.1.4
3.2.0rc0
3.2.0
3.3.0rc0
3.3.0
3.3.1
3.3.2
3.4.0rc0
3.4.0
3.5.0rc0

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/mlflow/PYSEC-2026-1656.yaml"