122 matches found
PYSEC-2026-189
BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, src/bentoml/internal/container/frontend/dockerfile/templates/basev2.j2 interpolates docker.baseimage raw with no escaping, newline filtering, or validation. A malicious...
PYSEC-2026-190
BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, a malicious bentofile.yaml containing a newline-injected value in envs.name produces unquoted RUN directives in the BentoML-generated Dockerfile. When the victim runs bentom...
CVE-2026-44345 BentoML: Dockerfile command injection via docker.base_image
BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, src/bentoml/internal/container/frontend/dockerfile/templates/basev2.j2 interpolates docker.baseimage raw with no escaping, newline filtering, or validation. A malicious...
EUVD-2026-32609
BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, a malicious bentofile.yaml containing a newline-injected value in envs.name produces unquoted RUN directives in the BentoML-generated Dockerfile. When the victim runs bentom...
PT-2026-45980
BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, a malicious bentofile.yaml containing a newline-injected value in envs.name produces unquoted RUN directives in the BentoML-generated Dockerfile. When the victim runs bentom...
CVE-2026-40610 BentoML has Information Disclosure in `bentoml build` via symlink traversal in the build context
BentoML is a Python library for building online serving systems optimized for AI apps and model inference. In versions 1.4.38 and prior, the build packaging workflow follows attacker-controlled symlinks inside the build context and copies the referenced file contents into the generated Bento...
BentoML 后置链接漏洞
BentoML is an open-source model service library developed by BentoML. It is used to build high-performance and scalable artificial intelligence applications using Python. Versions of BentoML prior to 1.4.38 contained a post-link vulnerability. This vulnerability stemmed from the fact that the bui...
CVE-2026-33813 vulnerabilities
Vulnerabilities for packages: mattermost-fips, ollama, gitea, seaweedfs-operator, ollama-fips, kubescape-server, mattermost, bento-fips, kubescape-server-fips, kubescape, seaweedfs-rocksdb-fips, gitea-fips, bento, seaweedfs-rocksdb, seaweedfs-operator-fips...
PT-2026-39663
Name of the Vulnerable Software and Affected Versions BentoML versions prior to 1.4.39 Description BentoML is a Python library used for building online serving systems optimized for AI applications and model inference. The issue occurs because the template src/bentoml/...
CVE-2026-41602 vulnerabilities
Vulnerabilities for packages: nri-jmx, telegraf, opentelemetry-collector-fips, dapr, falcosidekick, nri-kafka-fips, temporal-server, apm-server-fips, amazon-cloudwatch-agent, grafana, agentbeat, tempo-fips, vault-fips, tempo, jitsucom-bulker, seaweedfs-rocksdb-fips, elastic-agent, minio,...
GHSA-WF45-Q9CH-Q8GH vulnerabilities
Vulnerabilities for packages: nri-jmx, telegraf, opentelemetry-collector-fips, dapr, falcosidekick, nri-kafka-fips, temporal-server, apm-server-fips, amazon-cloudwatch-agent, grafana, agentbeat, tempo-fips, vault-fips, tempo, jitsucom-bulker, seaweedfs-rocksdb-fips, elastic-agent, minio,...
CVE-2026-41653 BentoPDF: Stored XSS via Markdown Editor Leading to Persistent File Exfiltration
BentoPDF is a client-side PDF toolkit that is self hostable. Prior to version 2.8.3, a cross-site scripting vulnerability was identified in BentoPD. An attacker may be able to execute arbitrary JavaScript in certain circumstances in Markdown to PDF Tool. This issue has been patched in version 2.8...
GHSA-MCFX-4VC6-QGXV BentoML has Information Disclosure in `bentoml build` via symlink traversal in the build context
Summary BentoML's bentoml build packaging workflow follows attacker-controlled symlinks inside the build context and copies the referenced file contents into the generated Bento artifact. If a victim builds an untrusted repository or other attacker-supplied build context, the attacker can place a...
CVE-2026-41602 vulnerabilities
Vulnerabilities for packages: tempo, grafana-alloy, minio, dapr, amazon-cloudwatch-agent, jaeger, nri-kafka, nri-jmx, opentelemetry-collector-contrib, grafana, bento, seaweedfs, telegraf, datadog-agent, temporal, temporal-server, jitsucom-bulker, falcosidekick, opentelemetry-collector, loki,...
GHSA-WF45-Q9CH-Q8GH vulnerabilities
Vulnerabilities for packages: tempo, grafana-alloy, minio, dapr, amazon-cloudwatch-agent, jaeger, nri-kafka, nri-jmx, opentelemetry-collector-contrib, grafana, bento, seaweedfs, telegraf, datadog-agent, temporal, temporal-server, jitsucom-bulker, falcosidekick, opentelemetry-collector, loki,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: karpenter, k8sgpt-operator, witness, xeol, trivy-operator, step, prometheus-operator, external-secrets-operator, snyk-cli, dbmate, step-issuer, juicefs-csi-driver, kubescape-operator, oauth2-proxy, certificate-transparency, docker-cli, volume-modifier-for-k8s, grafan...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: k8sgpt-operator, pulumi, trivy-operator, external-secrets-operator, step-issuer, kube-logging-operator-custom-runner, nsc, kubescape-operator, volume-modifier-for-k8s, mailpit, mongo-tools, mountpoint-s3-csi-driver, step-ca, tkn, knative-operator, wal-g,...
GHSA-HFVC-G4FC-PQHX vulnerabilities
Vulnerabilities for packages: tempo, thanos, witness, xeol, kubernetes-csi-external-provisioner, pulumi, trivy-operator, guac, snyk-cli, jaeger, cluster-api-helm-controller, sops, kubo, rke2-cloud-provider, tfsec, kubescape-operator, grafana, kubescape, seaweedfs, metallb, buildkitd, kine, kyvern...
GHSA-FGV4-6JR3-JGFW BentoML: Command Injection in cloud deployment setup script
Commit ce53491 March 24 fixed command injection via systempackages in Dockerfile templates and images.py by adding shlex.quote. However, the cloud deployment path in src/bentoml/internal/cloud/deployment.py was not included in the fix. Line 1648 interpolates systempackages directly into a shell...
CVE-2026-5236
A vulnerability was identified in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4BitReader::SkipBits of the file Ap4Dac4Atom.cpp of the component DSI v1 Parser. Such manipulation of the argument npresentations leads to heap-based buffer overflow. The attack needs to be performed...