CVE-2025-14287
Awaiting Analysis Awaiting Analysis - Queue
Command Injection in MLflow SageMaker CLI via Unsanitized Input

Publication date: 2026-03-16

Last updated on: 2026-04-14

Assigner: huntr.dev

Description
A command injection vulnerability exists in mlflow/mlflow versions before v3.7.0, specifically in the `mlflow/sagemaker/__init__.py` file at lines 161-167. The vulnerability arises from the direct interpolation of user-supplied container image names into shell commands without proper sanitization, which are then executed using `os.system()`. This allows attackers to execute arbitrary commands by supplying malicious input through the `--container` parameter of the CLI. The issue affects environments where MLflow is used, including development setups, CI/CD pipelines, and cloud deployments.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-16
Last Modified
2026-04-14
Generated
2026-06-16
AI Q&A
2026-03-16
EPSS Evaluated
2026-06-14
NVD
CVE-2025-14287
EUVD
EUVD-2025-208671
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
lfprojects mlflow to 3.7.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a command injection issue found in mlflow/mlflow versions before v3.7.0, specifically in the file mlflow/sagemaker/__init__.py at lines 161-167.

It occurs because user-supplied container image names are directly inserted into shell commands without proper sanitization and then executed using os.system().

An attacker can exploit this by providing malicious input through the --container parameter of the CLI, allowing them to execute arbitrary commands on the affected system.

Impact Analysis

This vulnerability can have serious impacts including unauthorized execution of arbitrary commands on systems running vulnerable versions of MLflow.

It affects environments such as development setups, CI/CD pipelines, and cloud deployments where MLflow is used.

Successful exploitation can lead to compromise of confidentiality, integrity, and availability of the affected systems.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-14287. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart