CVE-2025-15381

Description

MLFlow allows Tracing + Assessments Access

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• https://huntr.com/bounties/149fb2f9-ef4b-4136-a25c-20563451904c
• https://nvd.nist.gov/vuln/detail/CVE-2025-15381
• https://github.com/mlflow/mlflow
• https://github.com/mlflow/mlflow/blob/b569ebc74c14af593c326143bee2df44a5d59edf/mlflow/server/auth/__init__.py#L752

CWEs

CWE-200