17 matches found
ai-dynamo (=0.1.0), bentoctl (=0.2.3) +6 more potentially affected by CVE-2026-44345 via bentoml (>=1.0.0a7 <=1.4.3)
bentoml PYPI version =1.0.0a7, =1.0.1, =0.3.12, =0.0.1, =1.0.3, =0.0.10, =0.6.20 - raptor-labsdk =0.3.2 Source cves: CVE-2026-44345 Source advisory: SNYK:PYTHON-BENTOML-16642321...
ai-dynamo (=0.1.0), bentoctl (=0.2.3) +6 more potentially affected by CVE-2026-35043 via bentoml (>=1.0.0a7 <=1.4.3)
bentoml PYPI version =1.0.0a7, =1.0.1, =0.3.12, =0.0.1, =1.0.3, =0.0.10, =0.6.20 - raptor-labsdk =0.3.2 Source cves: CVE-2026-35043 Source advisory: SNYK:PYTHON-BENTOML-15909743...
ai-dynamo (=0.1.0), bento2seldon (>=0.1.0 <=0.4.0) +16 more potentially affected by CVE-2026-27905 via bentoml (>=0.10.1 <=1.4.3)
bentoml PYPI version =0.10.1, =0.1.0, =0.1.0, =0.0.10, =0.0.5, =0.3.12, =0.0.1, =1.0.3, =0.0.10, =0.0.1, =0.0.1, =0.0.13 and more Source cves: CVE-2026-27905 Source advisory: OSV:GHSA-M6W7-QV66-G3MF...
ai-dynamo (=0.1.0), bentoctl (=0.2.3) +6 more potentially affected by CVE-2026-24123 via bentoml (>=1.0.0a7 <=1.4.3)
bentoml PYPI version =1.0.0a7, =1.0.1, =0.3.12, =0.0.1, =1.0.3, =0.0.10, =0.6.20 - raptor-labsdk =0.3.2 Source cves: CVE-2026-24123 Source advisory: SNYK:PYTHON-BENTOML-15123972...
EUVD-2025-6886
Malicious code in bioql PyPI...
ai-dynamo (=0.1.0), openllm (=0.6.19) potentially affected by CVE-2025-54381 via bentoml (>=1.4.0a2 <=1.4.1)
bentoml PYPI version =1.4.0a2, =1.4.1 is affected by a known vulnerability. The following packages have a transitive dependency on bentoml and may be impacted: - ai-dynamo =0.1.0 - openllm =0.6.19 Source cves: CVE-2025-54381 Source advisory: OSV:GHSA-MRMQ-3Q62-6CC8...
ai-dynamo (=0.1.0), openllm (=0.6.19) potentially affected by CVE-2025-54381 via bentoml (>=1.4.0a2 <=1.4.1)
bentoml PYPI version =1.4.0a2, =1.4.1 is affected by a known vulnerability. The following packages have a transitive dependency on bentoml and may be impacted: - ai-dynamo =0.1.0 - openllm =0.6.19 Source cves: CVE-2025-54381 Source advisory: SNYK:PYTHON-BENTOML-11327149...
ai-dynamo (=0.1.0), openllm (=0.6.19) potentially affected by CVE-2025-27520 via bentoml (>=1.4.0a2 <=1.4.1)
bentoml PYPI version =1.4.0a2, =1.4.1 is affected by a known vulnerability. The following packages have a transitive dependency on bentoml and may be impacted: - ai-dynamo =0.1.0 - openllm =0.6.19 Source cves: CVE-2025-27520 Source advisory: OSV:GHSA-33XW-247W-6HMC...
ai-dynamo (=0.1.0), openllm (=0.6.19) potentially affected by CVE-2025-27520 via bentoml (>=1.4.0a2 <=1.4.1)
bentoml PYPI version =1.4.0a2, =1.4.1 is affected by a known vulnerability. The following packages have a transitive dependency on bentoml and may be impacted: - ai-dynamo =0.1.0 - openllm =0.6.19 Source cves: CVE-2025-27520 Source advisory: SNYK:PYTHON-BENTOML-9667321...
CVE-2024-8982
A Local File Inclusion LFI vulnerability in OpenLLM version 0.6.10 allows attackers to include files from the local server through the web application. This flaw could expose internal server files and potentially sensitive information such as configuration files, passwords, and other critical dat...
llama-index-llms-openllm (>=0.0.1 <=0.4.0) potentially affected by CVE-2024-8982 via openllm (>=0.4.44 <=0.6.30)
openllm PYPI version =0.4.44, =0.0.1, =0.4.0 Source cves: CVE-2024-8982 Source advisory: SNYK:PYTHON-OPENLLM-9599694...
Directory Traversal
Overview openllm is an OpenLLM: Self-hosting LLMs Made Easy. Affected versions of this package are vulnerable to Directory Traversal due to unprotected path formation in local.py, which allows local file inclusion. An attacker can access files on the server. PoC...
CVE-2024-8982
A Local File Inclusion LFI vulnerability in OpenLLM version 0.6.10 allows attackers to include files from the local server through the web application. This flaw could expose internal server files and potentially sensitive information such as configuration files, passwords, and other critical dat...
CVE-2024-8982 Local File Inclusion in bentoml/openllm
A Local File Inclusion LFI vulnerability in OpenLLM version 0.6.10 allows attackers to include files from the local server through the web application. This flaw could expose internal server files and potentially sensitive information such as configuration files, passwords, and other critical dat...
CVE-2024-8982 Local File Inclusion in bentoml/openllm
A Local File Inclusion LFI vulnerability in OpenLLM version 0.6.10 allows attackers to include files from the local server through the web application. This flaw could expose internal server files and potentially sensitive information such as configuration files, passwords, and other critical dat...
CVE-2024-8982
CVE-2024-8982 affects OpenLLM 0.6.10 with a Local File Inclusion (LFI) vulnerability that allows an attacker to include files from the local server via the web application. Public descriptions consistently cite exposure of internal files and sensitive data (e.g., configuration files, user credent...
OpenLLM 安全漏洞
OpenLLM is an open source LLM from BentoML Open Source. A security vulnerability exists in OpenLLM version 0.6.10 that stems from a failure to validate user input and could lead to a local file inclusion attack...