CVE-2026-13484
Received Received - Intake

Missing Authorization in MLflow Experiment-scoped Label Schema CRUD API

Publication date: 2026-06-28

Last updated on: 2026-06-28

Assigner: VulDB

Description
A vulnerability has been found in MLflow up to 4666cffc7912ea606d592fc38d6a75e2935f65e7. The impacted element is an unknown function of the component Experiment-scoped Label Schema CRUD API. Such manipulation leads to missing authorization. It is possible to launch the attack remotely. A high complexity level is associated with this attack. The exploitability is regarded as difficult. The exploit has been disclosed to the public and may be used. A reply to the GitHub issue explains, that "[t]he labeling schema PR has not been merged yet. The auth handlers will be added before the release."

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-28
Last Modified
2026-06-28
Generated
2026-06-28
AI Q&A
2026-06-28
EPSS Evaluated
N/A
NVD
CVE-2026-13484
EUVD
EUVD-2026-39984

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
mlflow mlflow to 4666cffc7912ea606d592fc38d6a75e2935f65e7 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-863 The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability in MLflow (CVE-2026-13484) involves the Experiment-scoped Label Schema CRUD API bypassing Role-Based Access Control (RBAC) checks. Specifically, new label schema APIs were introduced but their protobuf request classes were not registered properly in the authentication handlers. As a result, authenticated non-admin users can perform create, read, update, and delete operations on label schemas without having the required experiment permissions.

The vulnerability allows these unauthorized operations after basic authentication succeeds, effectively missing authorization checks. The issue affects multiple MLflow components such as tracking, evaluation, and UI/UX.

Impact Analysis

This vulnerability can impact you by allowing authenticated users with limited permissions to bypass experiment-level access controls and manipulate label schemas. This means unauthorized users could create, read, update, or delete label schemas related to experiments without proper authorization.

Such unauthorized access could lead to data integrity issues, unauthorized changes in experiment metadata, and potential disruption of AI model tracking and evaluation processes.

Detection Guidance

This vulnerability involves unauthorized access to the experiment-scoped label schema CRUD APIs in MLflow, specifically under the endpoints `/api/3.0/mlflow/label-schemas/*` and `/ajax-api/3.0/mlflow/label-schemas/*`.

To detect exploitation attempts on your system or network, you can monitor HTTP requests targeting these label schema API endpoints, especially those made by authenticated non-admin users.

Suggested commands include using network monitoring or web server logs to filter requests to these paths. For example, using `grep` on access logs:

  • grep "/api/3.0/mlflow/label-schemas/" /path/to/mlflow/access.log
  • grep "/ajax-api/3.0/mlflow/label-schemas/" /path/to/mlflow/access.log

Additionally, you can check for unexpected create, read, update, or delete operations on label schemas by reviewing logs or audit trails for these API calls.

Mitigation Strategies

Immediate mitigation involves restricting access to the vulnerable label schema APIs and ensuring proper authorization checks are enforced.

Specifically, you should:

  • Limit access to the endpoints `/api/3.0/mlflow/label-schemas/*` and `/ajax-api/3.0/mlflow/label-schemas/*` to trusted administrators only.
  • Apply network-level controls such as firewall rules or API gateway policies to block unauthorized users from accessing these endpoints.
  • Monitor and audit API usage to detect any unauthorized operations.

Longer term, apply the recommended fix by updating MLflow to include the label schema protobuf request classes in the authentication handlers and implement the necessary experiment and schema-id based permission validators as described in the fix for this issue.

Compliance Impact

The vulnerability in MLflow allows authenticated non-admin users to bypass experiment Role-Based Access Control (RBAC) checks on label schema APIs, enabling unauthorized create, read, update, and delete operations on label schemas.

Such missing authorization could lead to unauthorized access or modification of sensitive data or metadata related to experiments, which may impact compliance with data protection regulations like GDPR or HIPAA that require strict access controls and data integrity.

However, the provided information does not explicitly state the direct impact on compliance with these standards or regulations.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-13484. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart