CVE-2026-2734
Authorization Bypass in SearchModelVersions in mlflow/mlflow
Description
In mlflow/mlflow versions up to 3.9.0, the `SearchModelVersions` REST API endpoint and the `mlflowSearchModelVersions` GraphQL query lack proper per-model authorization checks when basic authentication is enabled. This allows any authenticated user to enumerate all model versions across all registered models, regardless of their permission level. The issue arises due to the absence of `SearchModelVersions` in the `BEFORE_REQUEST_VALIDATORS` and `AFTER_REQUEST_HANDLERS` for the REST API, and its omission from `GraphQLAuthorizationMiddleware.PROTECTED_FIELDS` for GraphQL. This vulnerability can expose sensitive information such as model names, version descriptions, source URIs, tags, and other metadata, potentially revealing proprietary or confidential details in multi-tenant environments. The issue is resolved in version 3.10.0.
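The fix the advisory describes is to register `SearchModelVersions` with the basic-auth plugin's per-request handlers so that search results are filtered by per-model permission before they reach the caller. The block below is an added Python illustration of that filtering step, written for this page rather than taken from MLflow; the permission levels, the `PermissionStore` class, the function names and the sample data are assumptions.

```python
from dataclasses import dataclass, field

# Permission levels that allow reading a registered model and its versions
# (assumed permission model for this illustration, not MLflow's own definitions).
READ_LEVELS = {"READ", "EDIT", "MANAGE"}
DEFAULT_PERMISSION = "NO_PERMISSIONS"


@dataclass
class PermissionStore:
    """user -> {registered model name -> permission}; constructed sample data."""
    model_perms: dict = field(default_factory=dict)

    def can_read(self, username: str, model_name: str) -> bool:
        perm = self.model_perms.get(username, {}).get(model_name, DEFAULT_PERMISSION)
        return perm in READ_LEVELS


def search_model_versions_unfiltered(versions, username, store):
    """Behaviour the advisory describes: no after-request handler is
    registered, so every authenticated caller receives every version."""
    return list(versions)


def search_model_versions_filtered(versions, username, store):
    """After-request filter a patched server applies: keep only versions
    whose registered model the caller may read, so names, source URIs
    and tags of other tenants' models never leave the server."""
    return [v for v in versions if store.can_read(username, v["name"])]


# Constructed sample data: two registered models belonging to different tenants.
SAMPLE_VERSIONS = [
    {"name": "fraud-detector", "version": "1", "source": "s3://tenant-a/fd/1"},
    {"name": "fraud-detector", "version": "2", "source": "s3://tenant-a/fd/2"},
    {"name": "churn-model", "version": "1", "source": "s3://tenant-b/churn/1"},
]
# alice has READ on fraud-detector only; churn-model falls back to NO_PERMISSIONS.
SAMPLE_STORE = PermissionStore({"alice": {"fraud-detector": "READ"}})


def visible_names(search_fn, username="alice"):
    """Registered model names the given search function reveals to the user."""
    return sorted({v["name"] for v in search_fn(SAMPLE_VERSIONS, username, SAMPLE_STORE)})


if __name__ == "__main__":
    print("unpatched:", visible_names(search_model_versions_unfiltered))
    print("patched:  ", visible_names(search_model_versions_filtered))
```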
How to fix CVE-2026-2734
To fix CVE-2026-2734, upgrade the affected package to the patched version listed below.
- Upgrade to 3.10.0 or later
- Upgrade to 3.10.0 or later
Is CVE-2026-2734 being exploited?
There are currently no signals of exploitation. CVE-2026-2734 is neither listed in CISA KEV nor does it have a recent EPSS score.
Affected packages (2)
- from 0, < 3.10.0
- from 0, < 3.10.0
CVSS score
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM 6.5 | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |