CVE-2026-2611: Improper Origin Validation in mlflow/mlflow

Q: What is the severity of CVE-2026-2611?

CVE-2026-2611 is classified as a high-severity vulnerability due to the potential for remote exploitation.

Q: How do I fix CVE-2026-2611?

To fix CVE-2026-2611, upgrade MLflow to version 3.10.0 or later, where the improper origin validation issue is resolved.

Q: Who is affected by CVE-2026-2611?

CVE-2026-2611 affects users of MLflow version 3.9.0 and below.

Q: What kind of attack does CVE-2026-2611 enable?

CVE-2026-2611 enables cross-origin request attacks that could allow unauthorized interactions with the MLflow Assistant feature.

Q: Is CVE-2026-2611 a local or remote vulnerability?

CVE-2026-2611 is a remote vulnerability, allowing attackers to exploit it from malicious webpages.

Published May 19, 2026

Updated

In MLflow version 3.9.0, the MLflow Assistant feature introduced improper origin validation in its /ajax-api endpoints. This vulnerability allows a remote attacker to exploit cross-origin requests from a malicious webpage to interact with the MLflow Assistant running on a victim's local machine. By bypassing the loopback-only restriction, the attacker can modify the Assistant's configuration to enable full access, which in turn allows the execution of arbitrary commands via the Claude Code sub-agent. This issue is resolved in version 3.10.0.

Affected Software

2 affected components

pypi/mlflow>=3.9.0<3.10.0

Lfprojects Mlflow>=3.9.0<3.10.0

Remediation

Patch Available

https://github.com/mlflow/mlflow/commit/8f9c8a53af90842944101eb8b7d60706822c81bc

Event History

May 19, 2026

CVE Published

via MITRE·09:16 AM

Data Sourced

via MITRE·09:16 AM

DescriptionSeverityWeakness

Data Sourced

via NVD·10:16 AM

RemedyDescriptionSeverityWeaknessAffected Software

Frequently Asked Questions

What is the severity of CVE-2026-2611?

CVE-2026-2611 is classified as a high-severity vulnerability due to the potential for remote exploitation.

How do I fix CVE-2026-2611?

To fix CVE-2026-2611, upgrade MLflow to version 3.10.0 or later, where the improper origin validation issue is resolved.

Who is affected by CVE-2026-2611?

CVE-2026-2611 affects users of MLflow version 3.9.0 and below.

What kind of attack does CVE-2026-2611 enable?

CVE-2026-2611 enables cross-origin request attacks that could allow unauthorized interactions with the MLflow Assistant feature.

Is CVE-2026-2611 a local or remote vulnerability?

CVE-2026-2611 is a remote vulnerability, allowing attackers to exploit it from malicious webpages.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

CVE-2026-2611: Improper Origin Validation in mlflow/mlflow

Affected Software

Remediation

Patch Available

Event History

Don't miss critical vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2026-2611?

How do I fix CVE-2026-2611?

Who is affected by CVE-2026-2611?

What kind of attack does CVE-2026-2611 enable?

Is CVE-2026-2611 a local or remote vulnerability?

Company

Resources

Contact