CVE-2025-14287
HIGH · CVSS v3.1: 8.8 · EPSS: 0.0124 (65.3 percentile)
Source data as of:
At a glance
- Severity
- HIGH
- CVSS
- 8.8 v3.1 · NVD
- EPSS
- 0.0124 (65.3 percentile) · FIRST.org
- CISA KEV
- No
- Type
- Code Injection, OS Command Injection · NVD CWE
- Attack conditions (CVSS vector)
- Network · No privileges · Source: NVD Vector
- Affected vendors
- lfprojects
- Published
- 2026-03-16 · Modified: 2026-06-30
- References
- Jump to references (4)
CVSS / EPSS / KEV
Source — CVSS: NVD · EPSS: FIRST.org · KEV: CISA. Data & Sources
Description
A command injection vulnerability exists in mlflow/mlflow versions before v3.7.0, specifically in the `mlflow/sagemaker/__init__.py` file at lines 161-167. The vulnerability arises from the direct interpolation of user-supplied container image names into shell command strings without sanitization; those strings are then executed with `os.system()`, so shell metacharacters in the image name are interpreted by the shell. This allows attackers to execute arbitrary commands by supplying malicious input through the `--container` parameter of the CLI. The issue affects environments where MLflow is used, including development setups, CI/CD pipelines, and cloud deployments.
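The pattern the description names (a string built from a user-controlled image name and handed to `os.system()`) and the two standard fixes are shown below in an added example. It is not MLflow's code and does not reproduce the file referenced above; the `docker run --rm` command prefix, the allow-list regex and the `ECHO_ARG` stand-in runner are constructed for this illustration. The hardened path validates the image reference against a deliberately narrow allow-list and passes it as a single `argv` element to `subprocess.run` with no shell; `shlex.quote` is shown as the fallback when a shell string is unavoidable.

```python
import re
import shlex
import subprocess
import sys

# Constructed allow-list for container image references such as
# "busybox:1.36" or "ghcr.io/org/app@sha256:<64 hex>". It is deliberately
# narrower than Docker's full reference grammar (it rejects registry ports
# and uppercase hostnames, for example); anything outside it is refused.
_COMPONENT = r"[a-z0-9]+(?:[._-][a-z0-9]+)*"
IMAGE_RE = re.compile(
    rf"^{_COMPONENT}(?:/{_COMPONENT})*"          # repository path
    r"(?::[A-Za-z0-9_][A-Za-z0-9_.-]{0,127})?"   # optional tag
    r"(?:@sha256:[0-9a-f]{64})?$"                # optional digest
)


def render_legacy_shell(image: str) -> str:
    """The weak pattern: the image name is interpolated straight into a
    shell string of the kind os.system() would receive. Returned for
    inspection only and never executed here; any shell metacharacter in
    `image` simply becomes part of the command line."""
    return f"docker run --rm {image}"


def validate_image_name(image: str) -> str:
    """Reject anything that is not a plain image reference."""
    if not IMAGE_RE.fullmatch(image):
        raise ValueError(f"rejected container image name: {image!r}")
    return image


def build_argv(image: str, base_cmd=("docker", "run", "--rm")) -> list:
    """Hardened form: the image name is one argv element, never shell text."""
    return [*base_cmd, validate_image_name(image)]


def run_hardened(image: str, base_cmd=("docker", "run", "--rm")):
    """Execute without a shell (shell=False, the default for a list argv)."""
    return subprocess.run(build_argv(image, base_cmd), shell=False,
                          check=True, capture_output=True, text=True)


def render_quoted_shell(image: str) -> str:
    """Fallback when a shell string cannot be avoided: shlex.quote wraps
    anything non-trivial in single quotes so the shell sees one word."""
    return f"docker run --rm {shlex.quote(image)}"


def shell_words(cmd: str) -> list:
    """How a POSIX shell would tokenise `cmd` (quotes honoured)."""
    return shlex.split(cmd)


# Constructed stand-in for "docker run": a Python one-liner that prints its
# last argument, so the demo runs offline without Docker.
ECHO_ARG = (sys.executable, "-c", "import sys; print(sys.argv[-1])")

if __name__ == "__main__":
    print(run_hardened("busybox:1.36", base_cmd=ECHO_ARG).stdout, end="")
    bad = "busybox; echo injected"            # constructed bad input
    print("legacy string :", render_legacy_shell(bad))
    print("quoted string :", render_quoted_shell(bad))
    try:
        validate_image_name(bad)
    except ValueError as exc:
        print("allow-list    :", exc)
```

Running the block shows the three outcomes side by side: the legacy string carries the semicolon unquoted, the quoted form keeps the whole value as one shell word, and the allow-list refuses the value before any command is built. Validation before execution is the primary control here; quoting and a shell-free `argv` are defence in depth, and a regex of this kind should be relaxed only as far as the image references a deployment actually needs.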
References
Reference URLs as listed by NVD, grouped by a mechanical match on the link's host/pattern. Labels describe the link type only.