ai-dynamo (=0.1.0), bentoctl (=0.2.3) +6 more potentially affected by CVE-2026-44345 via bentoml (>=1.0.0a7 <=1.4.3)

bentoml PYPI version =1.0.0a7, =1.0.1, =0.3.12, =0.0.1, =1.0.3, =0.0.10, =0.6.20 - raptor-labsdk =0.3.2 Source cves: CVE-2026-44345 Source advisory: SNYK:PYTHON-BENTOML-16642321...

ai-dynamo (=0.1.0), bento2seldon (>=0.1.0 <=0.4.0) +16 more potentially affected by CVE-2026-27905 via bentoml (>=0.10.1 <=1.4.3)

bentoml PYPI version =0.10.1, =0.1.0, =0.1.0, =0.0.10, =0.0.5, =0.3.12, =0.0.1, =1.0.3, =0.0.10, =0.0.1, =0.0.1, =0.0.13 and more Source cves: CVE-2026-27905 Source advisory: OSV:GHSA-M6W7-QV66-G3MF...

ai-dynamo (=0.1.0), bentoctl (=0.2.3) +6 more potentially affected by CVE-2026-24123 via bentoml (>=1.0.0a7 <=1.4.3)

bentoml PYPI version =1.0.0a7, =1.0.1, =0.3.12, =0.0.1, =1.0.3, =0.0.10, =0.6.20 - raptor-labsdk =0.3.2 Source cves: CVE-2026-24123 Source advisory: SNYK:PYTHON-BENTOML-15123972...

ai-dynamo (=0.1.0), openllm (=0.6.19) potentially affected by CVE-2025-54381 via bentoml (>=1.4.0a2 <=1.4.1)

bentoml PYPI version =1.4.0a2, =1.4.1 is affected by a known vulnerability. The following packages have a transitive dependency on bentoml and may be impacted: - ai-dynamo =0.1.0 - openllm =0.6.19 Source cves: CVE-2025-54381 Source advisory: OSV:GHSA-MRMQ-3Q62-6CC8...

ai-dynamo (=0.1.0), openllm (=0.6.19) potentially affected by CVE-2025-54381 via bentoml (>=1.4.0a2 <=1.4.1)

bentoml PYPI version =1.4.0a2, =1.4.1 is affected by a known vulnerability. The following packages have a transitive dependency on bentoml and may be impacted: - ai-dynamo =0.1.0 - openllm =0.6.19 Source cves: CVE-2025-54381 Source advisory: SNYK:PYTHON-BENTOML-11327149...

ai-dynamo (=0.1.0), openllm (=0.6.19) potentially affected by CVE-2025-27520 via bentoml (>=1.4.0a2 <=1.4.1)

bentoml PYPI version =1.4.0a2, =1.4.1 is affected by a known vulnerability. The following packages have a transitive dependency on bentoml and may be impacted: - ai-dynamo =0.1.0 - openllm =0.6.19 Source cves: CVE-2025-27520 Source advisory: OSV:GHSA-33XW-247W-6HMC...

ai-dynamo (=0.1.0), openllm (=0.6.19) potentially affected by CVE-2025-27520 via bentoml (>=1.4.0a2 <=1.4.1)

bentoml PYPI version =1.4.0a2, =1.4.1 is affected by a known vulnerability. The following packages have a transitive dependency on bentoml and may be impacted: - ai-dynamo =0.1.0 - openllm =0.6.19 Source cves: CVE-2025-27520 Source advisory: SNYK:PYTHON-BENTOML-9667321...

Directory Traversal

Overview openllm is an OpenLLM: Self-hosting LLMs Made Easy. Affected versions of this package are vulnerable to Directory Traversal due to unprotected path formation in local.py, which allows local file inclusion. An attacker can access files on the server. PoC...

CVE-2024-8982

A Local File Inclusion LFI vulnerability in OpenLLM version 0.6.10 allows attackers to include files from the local server through the web application. This flaw could expose internal server files and potentially sensitive information such as configuration files, passwords, and other critical dat...

CVE-2024-8982 Local File Inclusion in bentoml/openllm

A Local File Inclusion LFI vulnerability in OpenLLM version 0.6.10 allows attackers to include files from the local server through the web application. This flaw could expose internal server files and potentially sensitive information such as configuration files, passwords, and other critical dat...