CVE-2026-33866 | MLflow up to 3.10.1 AJAX Endpoint authorization

Inserito da Angelo Barbosa | Apr 7, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in MLflow up to 3.10.1. Affected by this issue is some unknown functionality of the component AJAX Endpoint. This manipulation causes missing authorization.

This vulnerability is handled as CVE-2026-33866. The attack can be initiated remotely. There is not any exploit available.

CVE-2026-33866 | MLflow up to 3.10.1 AJAX Endpoint authorization

Post correlati

CVE-2022-50180 | Linux Kernel up to 5.19.1 wifi il4965_rs_fill_link_cmd off-by-one

CVE-2024-1346 | LaborOfficeFree 19.10 weak password

CVE-2026-31839 | striae-org striae up to 2.x integrity check

CVE-2024-0854 | Synology DiskStation Manager prior 7.2.1-69057-2 File Access redirect (SA_24_02)