Home / Vulnerability Intelligence / CVE-2025-15036

CVE-2025-15036 - Vulnerability Analysis

CriticalCVSS: 9.6

Last Updated: March 30, 2026

mlflow mlflow - Path Traversal

Published: March 30, 2026Updated: March 30, 2026Remote Exploitable

Overview

mlflow/mlflow < v3.7.0 contains a path traversal caused by lack of validation of tar member paths in extract_archive_to_dir function, letting attackers overwrite arbitrary files or escalate privileges, exploit requires crafted tar.gz file.

Severity & Score

Severity: Critical

CVSS Score: 9.6

EPSS Score: 0.0%(Probability of exploitation in next 30 days)

Impact

Attackers can overwrite arbitrary files or escalate privileges, potentially escaping sandbox in shared environments.

Mitigation

Update to version v3.7.0 or later.

References

Social Media Activity(2 posts)

TheHackerWire

@thehackerwire

Mar 30, 2026

🔴 CVE-2025-15036 - Critical (9.6) A path traversal vulnerability exists in the `extract_archive_to_dir` function within the `mlflow/pyfunc/dbconnect_artifact_cache.py` file of the mlflow/mlflow repository. This vulnerability, present in versions before v3.7.0, arises due to the la... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15036/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

TheHackerWire

@thehackerwire

Mar 30, 2026

View original post

Related Resources

Details

CVE ID: CVE-2025-15036
Severity: Critical
CVSS Score: 9.6
Type: path_traversal
Status: new
EPSS: 0.0%
Social Posts: 2

CWE

CWE-29

CVSS Metrics

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

EPSS Score

0.0%Probability of exploitation in the next 30 days