CVE-2026-2635

CRITICAL LAB

MLflow - Auth Bypass

Title source: llm

Description

MLflow Use of Default Password Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the basic_auth.ini file. The file contains hard-coded default credentials. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of the administrator. Was ZDI-CAN-28256.

Exploits (1)

github WORKING POC 1 stars

by exploitintel · pythonpoc

https://github.com/exploitintel/eip-pocs-and-cves/tree/main/CVE-2026-2635

View Code ZIP pw:eip

References (2)

[Third Party Advisory] https://www.zerodayinitiative.com/advisories/ZDI-26-111/

[Issue Tracking] https://github.com/mlflow/mlflow/pull/19260

Related Analysis

72-Hour Stress Test

Scores

CVSS v3 9.8

EPSS 0.0109

EPSS Percentile 77.9%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Lab Environment

EIP LAB

Lab screenshot

patched docker pull ghcr.io/exploitintel/cve-2026-2635-patched:latest

vulnerable docker pull ghcr.io/exploitintel/cve-2026-2635-vulnerable:latest

View in Library GitHub

COMMUNITY

docker pull ghcr.io/exploitintel/cve-2026-2635-vulnerable:latest

docker pull ghcr.io/exploitintel/cve-2026-2635-patched:latest

docker pull ghcr.io/exploitintel/cve-2026-2635-v3.10:latest

https://github.com/exploitintel/eip-pocs-and-cves

View in Library

Details

CWE

CWE-1393

Status published

Products (2)

MLflow/MLflow 3.4.0

pypi/mlflow 0 - 3.8.0rc0PyPI

Published Feb 20, 2026

Tracked Since Feb 21, 2026