Kubeflow Audit Complete

The Open Source Technology Improvement Fund completed a security audit of Kubeflow, auditing six projects in its ecosystem with 14 findings including three critical vulnerabilities. The audit, performed by ADA Logics and supported by the Cloud Native Computing Foundation, included fuzzing, code review, and threat modeling. Kubeflow maintainers have addressed the issues, and users are urged to update to the latest release.

The Open Source Technology Improvement Fund is proud to share the results of our security audit of Kubeflow (https://www.kubeflow.org/). Kubeflow is used to build and deploy customizable machine learning workflows in Kubernetes, and has many subprojects that can be implemented individually or in combination. Thanks to ADA Logics (https://adalogics.com/) and the Cloud Native Computing Foundation (https://www.cncf.io/), Kubeflow underwent a custom security engagement that audited 6 projects in the Kubeflow ecosystem.

Audit Process:

In late summer of 2025, two security engineers from ADA Logics performed a holistic review of a selection of projects in the Kubeflow ecosystem:

- Katib (https://www.kubeflow.org/docs/components/katib/overview/)
- Trainer (https://www.kubeflow.org/docs/components/trainer/)
- Spark Operator (https://www.kubeflow.org/docs/components/spark-operator/overview/)
- Notebooks (https://www.kubeflow.org/docs/components/notebooks/)
- Model Registry (https://github.com/kubeflow/hub)
- Pipelines (https://www.kubeflow.org/docs/components/pipelines/)

These audits included CI testing, fuzzing work, threat modeling, code review, and supply chain security review for each of the projects. Read more about each project’s results in the audit report linked below.
Audit Results:

- 14 Findings with Security Impact
  - 3 Critical
  - 7 Moderate
  - 2 Low
  - 2 Informational
- OpenSSF Scorecard assessments of all 6 projects
- Custom threat modelling documentation for all 6 projects
- Fuzzing implemented for 4 projects: Katib, Pipelines, Spark Operator, and Model Registry
- Custom documentation of the audit scope, discovery, and findings with security impact

Kubeflow maintainers and community worked to resolve and address the issues reported during this engagement. To take advantage of the work done, update to the most recent release of Kubeflow.

As machine learning rapidly advances and changes the open source environment, engagements that holistically engage with projects in Artificial Intelligence (AI) are important to the ecosystem. They create documentation about the security implications of a project at a given time, both to help maintainers with future development and to educate users on safe and best practices in the code they are utilizing in AI.

Thank you to the individuals and groups that made this engagement possible:

- Kubeflow maintainers and community, especially: Julius Von Kojout, Matthew Wicks, Francisco Arceo, Humair Kahn, Jeff Spahr, Andy Stoneberg, and Andrey Velichkevich
- ADA Logics: Adam Korczynski and David Korczynski
- Cloud Native Computing Foundation

You can read the Audit Report HERE

Everyone around the world depends on open source software. If you’re interested in supporting this critical work, reach out to us: https://forms.clickup.com/90132124106/f/2ky4p4ea-3833/O6UZRESBTKJLR0VB72