cbcvebase.
CVE-2025-15381
published 2026-03-27

CVE-2025-15381: In the latest version of mlflow/mlflow, when the `basic-auth` app is enabled, tracing and assessment endpoints are not protected by permission validators. This…

PriorityP341high7.1CVSS 3.1
AVNACLPRLUINSUCLIHAN
EPSS
0.33%
24.9th percentile
In the latest version of mlflow/mlflow, when the `basic-auth` app is enabled, tracing and assessment endpoints are not protected by permission validators. This allows any authenticated user, including those with `NO_PERMISSIONS` on the experiment, to read trace information and create assessments for traces they should not have access to. This vulnerability impacts confidentiality by exposing trace metadata and integrity by allowing unauthorized creation of assessments. Deployments using `mlflow server --app-name=basic-auth` are affected.

Affected

2 ranges
VendorProductVersion rangeFixed in
mlflowmlflow_mlflow0 – 3.8.1
mlflowmlflow_mlflowunspecified – latest

CVSS provenance

nvdv3.17.1HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
nvdv3.08.1HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
vendor_redhat8.1HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.