BentoML CVE Vulnerabilities
By BentoML: 2 known vulnerabilities
Critical: 0
High: 2
Medium: 0
Low: 0
None: 0
All BentoML CVEs
CVE-2026-44346
8.8
high
BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, a malicious bentofile.yaml containing a newline-injected value in envs[*].name produces unquoted RUN directives in the BentoML-generated Dockerfile. When the victim runs bentom
May 27, 2026
CVE-2026-44345
8.8
high
BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, src/bentoml/_internal/container/frontend/dockerfile/templates/base_v2.j2 interpolates docker.base_image raw with no escaping, newline filtering, or validation. A malicious bent
May 27, 2026