CVE-2026-40610 BentoML has Information Disclosure in `bentoml build` via symlink traversal in the build context

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. In versions 1.4.38 and prior, the build packaging workflow follows attacker-controlled symlinks inside the build context and copies the referenced file contents into the generated Bento...