
MLflow FastAPI Job Endpoints CVE-2026-0545 Expose Unauthenticated RCE to Attackers

Saturday, April 4, 2026
Global
NVD

Summary

A critical authentication bypass vulnerability (CVE-2026-0545, CVSS 9.1) in MLflow exposes FastAPI job endpoints under /ajax-api/3.0/jobs/* without authentication controls, allowing unauthenticated attackers to execute arbitrary code. Published to NVD on April 4, 2026, this flaw affects MLflow deployments used for machine learning experiment tracking and model management.

Threat Analysis

CVE-2026-0545 is a critical authentication bypass vulnerability (CVSS 9.1) in MLflow, a widely used open-source platform for managing the machine learning lifecycle. The FastAPI job endpoints under the /ajax-api/3.0/jobs/* path are not protected by authentication controls, so an unauthenticated remote attacker can interact with job management functionality and potentially execute arbitrary code on the MLflow server. The vulnerability was published to the NVD on April 4, 2026.

MLflow is used extensively in data science and ML engineering workflows, and a tracking server often holds access to training data, model artifacts, and cloud credentials, so code execution on it can reach well beyond the server itself. The targeting of ML infrastructure is an emerging attack surface as organizations increasingly rely on these platforms for critical AI/ML operations. Cloud-hosted MLflow instances are particularly at risk if they are exposed to the internet without proper authentication.

Organizations using MLflow should immediately apply available patches, implement network-level access controls that restrict who can reach MLflow endpoints, enable authentication on all API endpoints, and audit access logs for signs of unauthorized job execution.
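The log audit recommended above, as an added example that is not part of the advisory or of the MLflow project: it scans reverse-proxy access logs (common/combined format, where the third field is the authenticated user or "-") for requests under /ajax-api/3.0/jobs/ that carry no authenticated user or originate outside an assumed trusted network. The sample log lines, the sub-paths under the job prefix and the 10.0.0.0/8 trusted range are all constructed for the example.

```python
import ipaddress
import re
from collections import Counter

# Path family named in the advisory; everything beneath it is treated as sensitive.
JOB_PATH_PREFIX = "/ajax-api/3.0/jobs/"
# Assumed internal range from which MLflow clients are expected; adjust per deployment.
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed sample log lines (common log format); sub-paths are hypothetical.
SAMPLE_LOG = """\
10.0.1.5 - alice [04/Apr/2026:08:01:02 +0000] "GET /ajax-api/2.0/mlflow/experiments/search HTTP/1.1" 200 512
203.0.113.7 - - [04/Apr/2026:08:02:10 +0000] "POST /ajax-api/3.0/jobs/submit HTTP/1.1" 200 87
203.0.113.7 - - [04/Apr/2026:08:02:11 +0000] "GET /ajax-api/3.0/jobs/42?verbose=1 HTTP/1.1" 200 301
10.0.1.9 - bob [04/Apr/2026:08:03:00 +0000] "GET /ajax-api/3.0/jobs/42 HTTP/1.1" 200 301
10.0.1.9 - - [04/Apr/2026:08:03:30 +0000] "GET /static-files/index.html HTTP/1.1" 200 1024
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def analyze_access_log(log_text):
    """Return one finding per job-endpoint request that has no authenticated
    user or comes from outside TRUSTED_NETS; malformed lines are skipped."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        path = m.group("path").split("?", 1)[0]  # compare without the query string
        if not path.startswith(JOB_PATH_PREFIX):
            continue
        reasons = []
        if m.group("user") == "-":
            reasons.append("no authenticated user")
        ip = ipaddress.ip_address(m.group("ip"))
        if not any(ip in net for net in TRUSTED_NETS):
            reasons.append("untrusted source network")
        if reasons:
            findings.append({"ip": str(ip), "method": m.group("method"), "path": path,
                             "status": int(m.group("status")), "reasons": reasons})
    return findings


def summarize(findings):
    """Count flagged job-endpoint requests per source address."""
    return Counter(f["ip"] for f in findings)


if __name__ == "__main__":
    for f in analyze_access_log(SAMPLE_LOG):
        print(f"{f['ip']} {f['method']} {f['path']} -> {f['status']} ({', '.join(f['reasons'])})")
    print(dict(summarize(analyze_access_log(SAMPLE_LOG))))
```

A 200 response on a flagged line is the signal to investigate, since a patched or correctly fronted server should answer such requests with 401 or 403.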

Last updated: Apr 4, 2026, 08:16 AM
