PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-2033 MLflow CVE debrief

CVE-2026-2033 is a high-severity vulnerability in the MLflow Tracking Server that allows remote code execution via directory traversal. It lies in the handling of artifact file paths: user-supplied paths are not properly validated before being used in file operations, so a remote attacker can execute arbitrary code on an affected installation without authenticating. The vulnerability is tracked as ZDI-CAN-26649 and has a CVSS score of 7.3. Defenders should prioritize patching affected MLflow Tracking Server installations.

Vendor
MLflow
Product
Unknown
CVSS
HIGH 7.3
CISA KEV
Not listed in stored evidence
Original CVE published
2026-02-20
Original CVE updated
2026-06-30
Advisory published
2026-02-20
Advisory updated
2026-06-30

Who should care

Organizations running the MLflow Tracking Server should prioritize patching this high-severity vulnerability to prevent remote code execution. Because exploitation requires no authentication and the CVSS score is high, swift action is warranted. Defenders should review their inventory of MLflow Tracking Server installations and ensure each is updated to a patched version.

Technical summary

The MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability (CVE-2026-2033) allows remote attackers to execute arbitrary code on affected installations. The flaw is improper validation of user-supplied paths in artifact file operations; an attacker who exploits it runs code in the context of the service account. The vulnerability has a CVSS score of 7.3 and is rated high severity. It is classified as CWE-22 (Improper Limitation of a Pathname to a Restricted Directory, "Path Traversal").
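As an added illustration of the CWE-22 weakness class named above (this is not MLflow's code and not a reconstruction of the actual flaw), the following Python shows the confinement check an artifact file handler needs before it opens a user-supplied path; the function names, the artifact-root layout and the request strings are assumed for the demonstration.

```python
"""Illustrative CWE-22 hardening for an artifact file handler.

Added example, not MLflow's code: the function names, the artifact-root
layout and the sample request strings are assumed for the demonstration.
"""
import tempfile
from pathlib import Path, PurePosixPath
from urllib.parse import unquote


class ArtifactPathError(ValueError):
    """Raised when a requested artifact path is not confined to the root."""


def resolve_artifact_path(artifact_root: Path, requested: str) -> Path:
    """Return the on-disk path for `requested` or raise ArtifactPathError."""
    # 1. Decode once so '%2e%2e/' is judged the same as '../'.
    decoded = unquote(requested)
    pure = PurePosixPath(decoded)
    # 2. Reject absolute paths, backslashes and any '..' component outright
    #    rather than trusting normalisation alone.
    if pure.is_absolute() or "\\" in decoded:
        raise ArtifactPathError(f"absolute or backslash path rejected: {requested!r}")
    if ".." in pure.parts:
        raise ArtifactPathError(f"parent-directory traversal rejected: {requested!r}")
    # 3. Resolve symlinks on both sides and require the result to sit under
    #    the resolved root, so a symlink planted in the tree cannot lead out.
    root = artifact_root.resolve()
    candidate = (root / pure).resolve()
    if candidate != root and root not in candidate.parents:
        raise ArtifactPathError(f"path escapes artifact root: {requested!r}")
    return candidate


def classify_requests(requests: list) -> dict:
    """Map each request to True (confined) or False (rejected), using a
    constructed artifact root in a temp dir so the check runs stand-alone."""
    verdicts = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "mlruns"
        (root / "0" / "run1" / "artifacts").mkdir(parents=True)
        for req in requests:
            try:
                resolve_artifact_path(root, req)
                verdicts[req] = True
            except ArtifactPathError:
                verdicts[req] = False
    return verdicts
```

Calling `classify_requests(["0/run1/artifacts/model.pkl", "../../etc/passwd", "0/%2e%2e/%2e%2e/x", "/etc/passwd"])` confines only the first request and rejects the other three.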

Defensive priority

Defenders should prioritize patching affected MLflow Tracking Server installations to address this high-severity vulnerability. Reviewing the inventory of installations and confirming that each has been updated to a patched version are the essential mitigation steps.

Recommended defensive actions

  • Patch affected MLflow Tracking Server installations
  • Review inventory of MLflow Tracking Server installations
  • Ensure updates to patched versions are applied
  • Monitor for suspicious activity related to MLflow Tracking Server
  • Implement compensating controls to limit exposure

Evidence notes

This debrief of CVE-2026-2033 is based on information from official sources, including CVE.org and the National Vulnerability Database (NVD). The vulnerability is tracked as ZDI-CAN-26649 by the Zero Day Initiative. Red Hat has also published information related to this vulnerability.

Official resources

This article is AI-assisted and based on the supplied source corpus.