CVE-2025-11200
Published: 29 October 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-11200 is an authentication bypass vulnerability in MLflow stemming from weak password requirements. The flaw exists within the handling of passwords in affected installations of MLflow, allowing remote attackers to bypass authentication entirely, as no prior authentication is required to exploit it. This issue, previously tracked as ZDI-CAN-26916, carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and is associated with CWE-521.
Remote attackers can exploit this vulnerability over the network with low complexity and no privileges. Successful exploitation enables bypassing authentication on the MLflow system, granting unauthorized access that could compromise confidentiality, integrity, and availability to a high degree.
Mitigation details are provided in the Zero Day Initiative advisory at https://www.zerodayinitiative.com/advisories/ZDI-25-932/ and a corresponding patch in the MLflow GitHub commit at https://github.com/mlflow/mlflow/commit/1f74f3f24d8273927b8db392c23e108576936c54.
MLflow is a popular open-source platform for managing machine learning lifecycles, making this vulnerability particularly relevant to AI/ML deployments where tracking experiments and models occurs.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability is an authentication bypass in the public-facing MLflow platform, directly enabling initial access via exploitation of a public-facing application.