Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 12 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-35044 BentoML has a Server-Side Template Injection via unsandboxed Jinja2 Environment in Dockerfile generation bentomlBentoML High 8.8 2026-04-06 17:13:43 Deep Dive
CVE-2026-35043 BentoML: command injection in cloud deployment setup script (deployment.py) bentomlBentoML High 7.8 2026-04-06 17:10:24 Deep Dive
CVE-2026-33744 BentoML has Dockerfile Command Injection via system_packages in bentofile.yaml bentomlBentoML High 7.8 2026-03-27 00:45:08 Deep Dive
CVE-2026-27905 BentoML has an Arbitrary File Write via Symlink Path Traversal in Tar Extraction bentomlBentoML--2026-03-03 22:45:40 Deep Dive
CVE-2026-24123 BentoML has a Path Traversal via Bentofile Configuration bentomlBentoML High 7.4 2026-01-26 22:14:40 Deep Dive
CVE-2025-54381 BentoML is Vulnerable to an SSRF Attack Through File Upload Processing bentomlBentoML Critical 9.9 2025-07-29 22:11:24 Deep Dive
CVE-2025-32375 Insecure Deserialization leads to RCE in BentoML's runner server bentomlBentoML Critical 9.8 2025-04-09 15:30:04 Deep Dive
CVE-2025-27520 BentoML Allows Remote Code Execution (RCE) via Insecure Deserialization bentomlBentoML Critical 9.8 2025-04-04 14:28:52 Deep Dive
CVE-2024-8982 Local File Inclusion in bentoml/openllm bentomlbentoml/openllm 中危 -2025-03-20 10:10:25 Deep Dive
CVE-2024-9070 Deserialization Vulnerability in BentoML's Runner Server in bentoml/bentoml bentomlbentoml/bentoml 超危 -2025-03-20 10:10:15 Deep Dive
CVE-2024-9056 Denial of Service in bentoml/bentoml bentomlbentoml/bentoml 高危 -2025-03-20 10:10:12 Deep Dive
CVE-2024-2912 Insecure Deserialization Leading to RCE in bentoml/bentoml bentomlbentoml/bentoml Critical 10.0 2024-04-16 00:00:15 Deep Dive