CVE-2026-2652 is a high-severity authentication bypass in mlflow/mlflow. When MLflow is started with authentication enabled using `--app-name basic-auth` and served through uvicorn, the FastAPI permission middleware only protects `/gateway/` routes. Other routes, including the Job API and OpenTelemetry trace ingestion, can remain exposed without authentication. In practical terms, an unauthenticated remot [truncated]
CVE-2025-14287 is a command injection vulnerability in the mlflow/mlflow project, specifically affecting versions before v3.7.0. The vulnerability is located in the `mlflow/sagemaker/__init__.py` file at lines 161-167 and arises from the direct interpolation of user-supplied container image names into shell commands without proper sanitization. These commands are then executed using `os.system()`, allowin [truncated]
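The following is an added example, not MLflow's code. It contrasts the pattern the advisory describes (a user-supplied image name interpolated into a shell string) with a hardened form that validates the image reference against a restrictive pattern and passes an argv list to `subprocess.run` with `shell=False`, so no shell ever parses the value. The regular expression is a deliberate simplification of the container image reference grammar (an assumption for this example), and the function names are hypothetical.

```python
import re
import shlex
import subprocess

# Simplified image reference grammar (assumption for this example): lowercase path
# components, optional registry port, optional tag, optional sha256 digest.
_IMAGE_REF = re.compile(
    r"^[a-z0-9]+(?:[._-][a-z0-9]+)*"            # first component (repository or registry host)
    r"(?::[0-9]{1,5})?"                          # optional registry port
    r"(?:/[a-z0-9]+(?:[._-][a-z0-9]+)*)*"        # further path components
    r"(?::[A-Za-z0-9_][A-Za-z0-9_.-]{0,127})?"   # optional tag
    r"(?:@sha256:[a-f0-9]{64})?$"                # optional content digest
)


def build_command_unsafe(image_name: str) -> str:
    """The pattern the advisory describes: the value is spliced into a shell string.
    Shown only for contrast; this string is never executed here."""
    return f"docker run --rm {image_name}"


def shell_would_see(image_name: str) -> list[str]:
    """How /bin/sh would tokenise the unsafe string: extra words become extra arguments."""
    return shlex.split(build_command_unsafe(image_name))


def validate_image_reference(image_name: str) -> str:
    """Reject anything that is not a plain image reference (whitespace, quotes, $, ;, | all fail)."""
    if not _IMAGE_REF.match(image_name):
        raise ValueError(f"invalid container image reference: {image_name!r}")
    return image_name


def build_command_safe(image_name: str) -> list[str]:
    """argv list: each element reaches the docker binary unchanged, with no shell in between."""
    return ["docker", "run", "--rm", validate_image_reference(image_name)]


def run_container(image_name: str) -> subprocess.CompletedProcess:
    # shell=False means subprocess calls execve directly; metacharacters have no meaning.
    return subprocess.run(build_command_safe(image_name), shell=False,
                          check=True, capture_output=True)


if __name__ == "__main__":
    # Constructed inputs: one well-formed reference, one with an extra shell word.
    print(build_command_safe("registry.example.com:5000/team/model:1.0"))
    print(shell_would_see("model extra"))  # the shell sees five words, not four
```

Validation and the argv list are complementary: the list form removes the shell from the path entirely, and the reference check rejects values that could only be an attempt to smuggle extra arguments to the `docker` binary itself.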