QwikSec

Security Database

CVE

CWE

Training

CVE-2026-33865

Published: Apr 7, 2026

Modified: Apr 14, 2026

PUBLISHED

Description

MLflow is vulnerable to Stored Cross-Site Scripting (XSS) caused by unsafe parsing of YAML-based MLmodel artifacts in its web interface. An authenticated attacker can upload a malicious MLmodel file containing a payload that executes when another user views the artifact in the UI. This allows actions such as session hijacking or performing operations on behalf of the victim. This issue affects MLflow version through 3.10.1

Vendor	Product	Versions
Mlflow	Mlflow	affected `0 - <= 3.10.1`

Weaknesses (CWE)

References

https://github.com/mlflow/mlflow/pull/21435

patch

https://cert.pl/en/posts/2026/04/CVE-2026-33865/

third-party-advisory

https://afine.com/blogs/attacking-mlflow-how-ml-artifacts-become-attack-vectors

exploit

technical-description

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.