XSS in Mlflow
CVE-2026-33865
MLflow is vulnerable to Stored Cross-Site Scripting (XSS) caused by unsafe parsing of YAML-based MLmodel artifacts in its web interface. An authenticated attacker can upload a malicious MLmodel file containing a payload that executes when…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.000 (1.3th percentile) — read the EPSS interpretation.
Affected products
- Mlflow — versions 0
Weakness classification (CWE)
References
- github.com/mlflow/mlflow/pull/21435 (patch)
- cert.pl/en/posts/2026/04/CVE-2026-33865/ (third-party-advisory)
- afine.com/blogs/attacking-mlflow-how-ml-artifacts-become-attack-vectors (exploit, technical-description)