MLflow's Missing Validators: An Authorization Bypass Across API Surfaces
How Tachyon's autonomous security researcher found an authorization bypass in MLflow by reasoning across protocols and surfaces—and why this class of bug is so hard to catch.
Aakash Japi, co-founder of Tachyon·February 3, 2026·10 min read
Security