BentoML < 1.4.37 Command Injection (GHSA-jfjg-vc52-wqvf)

Version 1.3

Apr 2, 2026, 7:58 PM

CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C")
CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C")
Exploit attributes ("Exploit available" set to "True")
Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available")