A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information.
"https://github.com/pypa/advisory-database/blob/main/vulns/mlflow/PYSEC-2026-422.yaml"