CVE-2026-8147
Authorization Bypass in mlflow/mlflow
Description

In MLflow versions prior to 3.14.0, when running with authentication enabled, the trace API endpoints lack proper authorization validators. This allows any authenticated user to bypass experiment-level authorization controls on all trace operations, including reading, deleting, and modifying traces on experiments they do not have permission to access. The issue arises from the `_before_request` handler, which does not register authorization validators for trace endpoints, resulting in requests proceeding without validation. This vulnerability can expose sensitive data, destroy audit logs, and allow unauthorized modifications.

INFO

Published Date: July 2, 2026, 7:32 a.m.
Last Modified: July 2, 2026, 7:32 a.m.
Remotely Exploitable: No
Source: @huntr_ai
Affected Products

The following products are affected by CVE-2026-8147. Exact affected version ranges are not shown in this table even where cvefeed.io knows them; the description above gives the range (MLflow versions prior to 3.14.0).

No affected product recorded yet.

Solution
Update MLflow to version 3.14.0 or later to fix the trace API authorization flaw.
  • Update MLflow to version 3.14.0 or later.
  • Verify that every trace API endpoint has an authorization validator registered, so that no trace route is dispatched without a check.
  • Enforce experiment-level authorization on all trace operations (read, modify and delete), matching the checks already applied to other experiment-scoped endpoints.
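The failure mode described above, a before-request handler that looks up a per-route validator and lets the request through when none is registered, is easy to model. The block below is an added illustration written for this page; it is not MLflow's code, and the route names, the permission table, the `Request` shape and the helper names are all hypothetical. It shows the fail-open dispatcher beside a fail-closed one, the validator table before and after trace routes are registered, and a coverage check of the kind the "verify authorization controls" step calls for.

```python
"""
Added illustration (not MLflow's own code) of a before-request authorization
dispatcher with a per-route validator table. Route paths, permission model,
users and helper names are hypothetical.
"""
from dataclasses import dataclass

# Constructed sample permission table: experiment_id -> users allowed on it.
EXPERIMENT_ACL = {
    "exp-1": {"alice"},
    "exp-2": {"bob"},
}


@dataclass
class Request:
    user: str           # authenticated caller (authentication is assumed done)
    path: str           # hypothetical route, e.g. "/api/traces/delete"
    experiment_id: str  # experiment the operation targets


def validate_experiment_access(req: Request) -> bool:
    """Experiment-level check: caller must be in the experiment's ACL."""
    return req.user in EXPERIMENT_ACL.get(req.experiment_id, set())


# Hypothetical route table of everything the server exposes.
ALL_ENDPOINTS = [
    "/api/experiments/get",
    "/api/runs/get",
    "/api/traces/get",
    "/api/traces/delete",
    "/api/traces/update",
]

# Before the fix: experiment and run routes have validators, trace routes do not.
VALIDATORS_BEFORE = {
    "/api/experiments/get": validate_experiment_access,
    "/api/runs/get": validate_experiment_access,
}

# After the fix: every route has an explicit validator registered.
VALIDATORS_AFTER = {path: validate_experiment_access for path in ALL_ENDPOINTS}


def before_request_fail_open(req: Request, validators) -> bool:
    """The pattern the advisory describes: a route with no validator is
    allowed through unchecked. Returns True when the request may proceed."""
    validator = validators.get(req.path)
    if validator is None:
        return True  # missing registration silently becomes "authorized"
    return validator(req)


def before_request_fail_closed(req: Request, validators) -> bool:
    """Hardened dispatcher: a route with no validator is denied, so a
    forgotten registration fails loudly instead of bypassing authorization."""
    validator = validators.get(req.path)
    if validator is None:
        return False
    return validator(req)


def unprotected_endpoints(endpoints, validators):
    """Coverage check for a test suite or startup assertion: every route that
    lacks a validator. The expected result after the fix is an empty list."""
    return sorted(p for p in endpoints if p not in validators)


if __name__ == "__main__":
    # bob is not on exp-1, yet the fail-open dispatcher lets his trace delete through.
    bob_delete = Request("bob", "/api/traces/delete", "exp-1")
    print("fail-open, before fix:", before_request_fail_open(bob_delete, VALIDATORS_BEFORE))
    print("fail-closed, before fix:", before_request_fail_closed(bob_delete, VALIDATORS_BEFORE))
    print("fail-open, after fix:", before_request_fail_open(bob_delete, VALIDATORS_AFTER))
    print("unprotected before fix:", unprotected_endpoints(ALL_ENDPOINTS, VALIDATORS_BEFORE))
```

Two points carry over to a real deployment: with the fail-open dispatcher the only thing standing between a route and an authorization bypass is someone remembering to register it, whereas the fail-closed dispatcher turns the same omission into a denied request that shows up immediately in testing; and a coverage check like `unprotected_endpoints` over the real route table, run as a unit test, catches a newly added endpoint family (traces here) that was never wired into the validator map.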
