CVE-2025-15381 — In the latest version of mlflow/mlflow, when the `basic-auth` app is enabled, tracing and assessment endpoints are not protected by permission validators. This allows any authenticated user, including — CVE Database · The Intelligence Room