AI Threat Alert
BentoML
pip MLOps16
Total CVEs
7
Critical
pip
Ecosystem
Mar 27, 2026
Last CVE
Known Vulnerabilities (16 shown)
Severity CVE ID Summary CVSS Published
HIGH CVE-2026-33744 BentoML: command injection in bentofile.yaml containerize 7.8 Mar 27, 2026 MEDIUM GHSA-564p-rx2q-4c8v BentoML: open redirect exposes ML teams to phishing 6.1 Mar 20, 2025 HIGH GHSA-hh3j-9m59-p8vc BentoML: DoS via multipart boundary in Gradio login 7.5 Mar 20, 2025 HIGH CVE-2026-27905 bentoml: security flaw enables exploitation 7.8 Mar 3, 2026 HIGH CVE-2026-27905 bentoml: security flaw enables exploitation 7.8 Mar 3, 2026 HIGH CVE-2026-27905 bentoml: security flaw enables exploitation 7.8 Mar 3, 2026 MEDIUM CVE-2026-24123 bentoml: Path Traversal enables file access 6.5 Jan 26, 2026 MEDIUM CVE-2026-24123 bentoml: Path Traversal enables file access 6.5 Jan 26, 2026 CRITICAL CVE-2025-54381 BentoML: unauthenticated SSRF via file upload URLs 9.9 Jul 29, 2025 CRITICAL CVE-2025-54381 BentoML: unauthenticated SSRF via file upload URLs 9.9 Jul 29, 2025 CRITICAL CVE-2025-32375 BentoML: RCE via insecure deserialization in runner 9.8 Apr 9, 2025 CRITICAL CVE-2025-32375 BentoML: RCE via insecure deserialization in runner 9.8 Apr 9, 2025 CRITICAL CVE-2025-27520 BentoML: unauthenticated RCE via insecure deserialization 9.8 Apr 4, 2025 CRITICAL CVE-2025-27520 BentoML: unauthenticated RCE via insecure deserialization 9.8 Apr 4, 2025 CRITICAL CVE-2024-9070 BentoML: unauthenticated RCE via runner deserialization 9.8 Mar 20, 2025 HIGH CVE-2024-9056 BentoML: DoS via multipart boundary exhausts server 7.5 Mar 20, 2025 Monitor BentoML in your stack
Get instant alerts when new vulnerabilities affect BentoML. CISO analysis, ATLAS technique mappings, and compliance reports included.
Start Monitoring