Bounties
Partners
Community
Info
mlflow / mlflow
Project repository
Open source platform for the machine learning lifecycle
Submit a report
FIRST INTERACTION
WITHIN
N/A DAYS
REVIEW
WITHIN
40 DAYS
FIX
WITHIN
66 DAYS
MLflow Basic Authentication Bypass via Base64 Brute-Force
Apr 17th 2025
freyxfi
•
informative
Critical
OS Command injection in archive_directory function
Apr 17th 2025
ehtec
•
not applicable
Clickjacking in MLflow
Feb 19th 2025
freyxfi
•
duplicate
Medium
Arbitrary File Write to Remote Code Execution using the R2/optimized S3 artifact...
Feb 13th 2025
trixterthetux
•
duplicate
Critical
Leveraging FTP Server for fully controlled file writing causing RCE
Feb 13th 2025
soloplayer140
•
duplicate
Critical
Local File Read (LFI) via Overwrite Yaml file
Apr 21st 2025
taiphung217
•
pending
SSRF (Server Side Request Forgery) for Fully Controlled Files Leading to RCE
Apr 19th 2025
soloplayer140
•
pending
Server-Side Request Forgery (SSRF) due to bad 302 redirect handling in 2.19.0 Ve...
Jan 18th 2025
soloplayer140
•
duplicate
High
DoS Vulnerability in MLflow Leading to UI Inaccessibility
Feb 13th 2025
soloplayer140
•
duplicate
High
DoS Vulnerability in MLflow Leading to UI Inaccessibility
Jan 10th 2025
soloplayer140
•
self closed
Using Pickle Format in MLflow: Security Risks and Potential for Malicious Code E...
Mar 18th 2025
soloplayer140
•
duplicate
Critical
Security Vulnerability in MLflow Run Arbitrary Code
Jan 8th 2025
krishnast545
•
spam
Malicious meta.yaml file allows arbitrary read/write/list files on the filesyste...
Jan 14th 2025
ozelis
•
duplicate
High
Admin Able to Create User Without Setting a Password
Feb 24th 2025
krishnast545
•
Low
•
$20
Low
•
$20
•
CVE-2025-1474
CVE-2025-1474
The MD5 collision caused the same data set path, and the new data set could not...
Feb 24th 2025
kexinoh
•
pending
Denial of service through batched queries in GraphQL
Feb 10th 2025
patrik-ha
•
Medium
•
$125
Medium
•
$125
•
CVE-2025-0453
CVE-2025-0453
Remote Code Execution and Local File Read via Overwrite File
Jan 14th 2025
taiphung217
•
informative
Critical
Xss On MLFLOW
Feb 10th 2025
samr301
•
informative
Medium
Local File Inclusion on Mlflow
Dec 12th 2024
samr301
•
not applicable
CSRF ON SIGNUP PAGE
Feb 5th 2025
krishnast545
•
Medium
•
$125
Medium
•
$125
•
CVE-2025-1473
CVE-2025-1473
Stored XSS in Artifacts
Nov 25th 2024
jamoski3112
•
pending
Local File Read/Path Traversal in dbfs
Nov 20th 2024
m4yfly
•
High
•
$750
High
•
$750
•
CVE-2024-8859
CVE-2024-8859
RCE in Github Actions
Jun 17th 2024
redyetidev
•
informative
Critical
DOS in mlflow model tab, due to multiple EICAR file creation
Jun 18th 2024
mnqazi
•
not applicable
Creating/Renaming Experiment with Large Number of Integers in Name Leads to DOS...
Sep 16th 2024
mnqazi
•
Medium
•
$125
Medium
•
$125
•
CVE-2024-6838
CVE-2024-6838
Frameable response (potential Clickjacking)
Jun 12th 2024
dan-xzero
•
informative
None
Model Creation using URL encoding result in tDenial of Service Or Data Model Poi...
May 3rd 2024
dan-xzero
•
Medium
•
$125
Medium
•
$125
•
CVE-2024-3099
CVE-2024-3099
Unauthenticated DOS Attack due to Race Condition
Mar 19th 2024
rook1337
•
not applicable
Local File Read/Path Traversal bypass
Apr 26th 2024
asimovl
•
High
•
$750
High
•
$750
•
CVE-2024-3848
CVE-2024-3848
Low privilege users can delete artifacts with EDIT permission
Apr 26th 2024
rook1337
•
Medium
•
$125
Medium
•
$125
•
CVE-2024-4263
CVE-2024-4263
Bypass Local File Read (LFI) due to URI parsing confusion
Mar 1st 2024
trongphuc12
•
duplicate
Critical
Blind SSRF
Feb 1st 2024
achchhelalchauhan
•
not applicable
SQL injection
Feb 1st 2024
achchhelalchauhan
•
not applicable
Reflected POST XSS in mlflow/mlflow
Feb 1st 2024
achchhelalchauhan
•
not applicable
SQL injection attack on experiment update
Feb 1st 2024
achchhelalchauhan
•
not applicable
Race Condition Vulnerability in MLflow Experiments Creation
Feb 13th 2024
jplopezy
•
informative
Medium
Local File inclusion through mlflow Cli
Feb 6th 2024
rook1337
•
informative
High
Local File Read (LFI) by URI fragment parsing confusion
Apr 23rd 2024
zpbrent
•
High
•
$750
High
•
$750
•
CVE-2024-2928
CVE-2024-2928
HTML / XSS Injection to Redirection
Feb 16th 2024
0xamal
•
informative
High
Code Execution Via Deserialization of untrusted data
Jan 26th 2024
w3bspl01t3r
•
not applicable
Path traversal when deleting artifacts
Apr 16th 2024
ozelis
•
High
•
$750
High
•
$750
•
CVE-2024-1560
CVE-2024-1560
Local file read using path traversal in experinent's artifact_location
Apr 16th 2024
ozelis
•
High
•
$750
High
•
$750
•
CVE-2024-1594
CVE-2024-1594
Local file read using path traversal in model version source
Apr 16th 2024
ozelis
•
High
•
$750
High
•
$750
•
CVE-2024-1558
CVE-2024-1558
Code Execution due to pickle.load
Feb 16th 2024
aaron911
•
informative
Medium
Path traversal by smuggling in path traversal sequences using ;
Apr 16th 2024
haxatron
•
High
•
$750
High
•
$750
•
CVE-2024-1593
CVE-2024-1593
Path Traversal using local URI with # instead of ?
Apr 16th 2024
haxatron
•
High
•
$750
High
•
$750
•
CVE-2024-1483
CVE-2024-1483
Bypass of jinja2 SSTI
Dec 19th 2023
am0o0
•
Critical
•
$1500
Critical
•
$1500
•
CVE-2023-6940
CVE-2023-6940
HTML Injection in mlflow/mlflow
Feb 16th 2024
ngostuan
•
informative
Medium
Arbitrary File Write when loading datasets on Windows
Dec 13th 2023
haxatron
•
Critical
•
$1500
Critical
•
$1500
•
CVE-2023-6753
CVE-2023-6753
Remote Code Execution due to Full Controled File Write
Dec 7th 2023
kevin-mizu
•
Critical
•
$4500
Critical
•
$4500
•
CVE-2024-0520
CVE-2024-0520
bypass validate_path_is_safe() check to upload arbitrary files to arbitrary dire...
Dec 20th 2023
ozelis
•
High
•
$750
High
•
$750
•
CVE-2023-6976
CVE-2023-6976
s3 bucket takeover
Dec 11th 2023
ranjit-git
•
informative
High
Local File Disclosure bypass
Dec 20th 2023
malikdacoda
•
Critical
•
$1500
Critical
•
$1500
•
CVE-2023-6977
CVE-2023-6977
OS Command injection in `serve` CLI action
Nov 1st 2023
malikdacoda
•
not applicable
Reflected POST XSS
Dec 7th 2023
m0kr4n3
•
Medium
•
$125
Medium
•
$125
•
CVE-2023-6568
CVE-2023-6568
Server-Side Request Forgery (SSRF) due to bad 302 redirect handling
Dec 20th 2023
kevin-mizu
•
High
•
$750
High
•
$750
•
CVE-2023-6974
CVE-2023-6974
Path traversal in artifacts deletion
Dec 15th 2023
kevin-mizu
•
High
•
$1800
High
•
$1800
•
CVE-2023-6831
CVE-2023-6831
Remote Code Execution due to Full Controled File Write
Dec 20th 2023
kevin-mizu
•
Critical
•
$4500
Critical
•
$4500
•
CVE-2023-6975
CVE-2023-6975
Local File Read (LFI) due to scheme confusion
Apr 16th 2024
kevin-mizu
•
Critical
•
$1800
Critical
•
$1800
•
CVE-2024-3573
CVE-2024-3573
Local File Read (LFI) due to URI parsing confusion
Dec 18th 2023
kevin-mizu
•
High
•
$1500
High
•
$1500
•
CVE-2023-6909
CVE-2023-6909
Remote Code Execution due to jinja2 SSTI
Dec 12th 2023
kevin-mizu
•
Critical
•
$4500
Critical
•
$4500
•
CVE-2023-6709
CVE-2023-6709
Malicious model to ACE by pyfunc and many other occurences
Oct 20th 2023
zpbrent
•
informative
High
Cross Site Request Forgery in creating experiments/models
Oct 20th 2023
sreeappsec
•
informative
Medium
Processing of softlink files leads to logging and Expose Internal Confidential F...
Feb 13th 2024
b3ef
•
informative
Medium
Remote Code Execution due to Full Controled File Write
Nov 16th 2023
kevin-mizu
•
Critical
•
$30485
Critical
•
$30485
•
CVE-2023-6018
CVE-2023-6018
Path Traversal using C:.. allows to break out of root directory on Windows
Nov 16th 2023
haxatron
•
Critical
•
$30485
Critical
•
$30485
•
CVE-2023-6015
CVE-2023-6015
Stored xss bug to control other account
Sep 13th 2023
ranjit-git
•
informative
High
Authentication Bypass via REST API endpoint
Nov 16th 2023
sierrahaex
•
Critical
•
$4500
Critical
•
$4500
•
CVE-2023-6014
CVE-2023-6014
Vulnerable to clickjacking
Jul 20th 2023
liteshghute
•
not applicable
Multiple command injections in `mlflow models` CLI action
Aug 1st 2023
adeadfed
•
High
High
•
CVE-2023-4033
CVE-2023-4033
Multiple path traversals on Windows hosts
Jul 19th 2023
adeadfed
•
Critical
Critical
•
CVE-2023-3765
CVE-2023-3765
LFI in Model Version REST API creation
Apr 28th 2023
benwilson2
•
Critical
Critical
•
CVE-2023-2356
CVE-2023-2356
Local File Read Bypass in mlflow/mlflow
May 17th 2023
iamnoooob
•
Critical
Critical
•
CVE-2023-2780
CVE-2023-2780
Blind LFI in register-model/get?name=
Mar 24th 2023
danmcinerney
•
Medium
Medium
•
CVE-2023-1176
CVE-2023-1176
LFI/RFI in MLflow
Mar 24th 2023
danmcinerney
•
Critical
Critical
•
CVE-2023-1177
CVE-2023-1177
Omitted
Oct 26th 2022
skifast1
•
self closed
Insecure Temporary File
Feb 23rd 2022
srikanthprathi
•
High
•
$17.5
High
•
$17.5
•
CVE-2022-0736
CVE-2022-0736
CRITICAL
$1500
HIGH
$750
MEDIUM
$125
LOW
$20