CVE-2026-2033
HIGH
GHSA-q2r8-vmq7-fpx2
CVSS Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3Tags
Description
MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of artifact file paths. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-26649.
Analysis
Unauthenticated remote code execution in MLflow Tracking Server through directory traversal in artifact file path handling enables attackers to execute arbitrary commands with service account privileges. The vulnerability stems from insufficient validation of user-supplied paths in file operations, allowing exploitation without authentication. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all MLflow Tracking Server instances in your environment and document network exposure. Within 7 days: Implement network segmentation to restrict MLflow access to authorized users only, disable public internet exposure, and deploy WAF rules to block directory traversal patterns. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today