Detections
Analytics

BentoML < 1.4.38 Multiple Vulnerabilities (GHSA-fgv4-6jr3-jgfw, GHSA-v959-cwq9-7hr6)

high Nessus Plugin ID 306491

Synopsis

The BentoML library installed on the remote host is affected by multiple vulnerabilities.

Description

The version of the BentoML library installed on the remote host is prior to 1.4.38. It is, therefore, affected by multiple vulnerabilities:

 - The cloud deployment path in deployment.py was not included in the fix for CVE-2026-33744. The system_packages field is interpolated directly into a shell command using an f-string without any quoting. The generated script is uploaded to BentoCloud as setup.sh and executed on the cloud build infrastructure during deployment, resulting in remote code execution on the CI/CD tier.
 (CVE-2026-35043)

 - The Dockerfile generation function generate_containerfile() uses an unsandboxed jinja2.Environment with the jinja2.ext.do extension to render user-provided dockerfile_template files. When a victim imports a malicious bento archive and runs bentoml containerize, attacker-controlled Jinja2 template code executes arbitrary Python directly on the host machine, bypassing all container isolation.
 (CVE-2026-35044)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to BentoML version 1.4.38 or later.

See Also

http://www.nessus.org/u?f5e8e8a1

http://www.nessus.org/u?ae59dd10

Plugin Details

Severity: High

ID: 306491

File Name: bentoml_1_4_38.nasl

Version: 1.1

Type: Local

Agent: windows, macosx, unix

Published: 4/15/2026

Updated: 4/15/2026

Configuration: Enable thorough checks (optional)

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2026-35044

CVSS v3

Risk Factor: High

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:bentoml:bentoml

Required KB Items: installed_sw/BentoML

Patch Publication Date: 4/2/2026

Vulnerability Publication Date: 4/2/2026

Reference Information

CVE: CVE-2026-35043, CVE-2026-35044