{"uuid": "9963d1f6-58d1-4ab2-ac57-c8ed4f46f514", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-3198", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnbs4zpp6f2f", "content": "CVE-2026-3198 - Improper Access Control in mlflow/mlflow\nCVE ID : CVE-2026-3198\n \n Published : June 2, 2026, 4:17 a.m. | 15\u00a0minutes ago\n \n Description : MLflow 3.9.0 with basic-auth (`--app-name basic-auth`) fails to enforce authorization checks for multiple Gateway API 'list'...", "creation_timestamp": "2026-06-02T04:48:34.308633Z"}