Browse all 12 CVE security advisories affecting bentoml. AI-powered Chinese analysis, POCs, and references for each vulnerability.
BentoML serves as an open-source platform for packaging, deploying, and managing AI models, primarily used by data science teams to operationalize machine learning workflows. Historically, the project has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and insecure default configurations. While no major security incidents have been widely documented, the 12 recorded CVEs highlight potential risks in model serving infrastructure. Security researchers have identified issues in web interfaces and API endpoints that could allow unauthorized access or system compromise, emphasizing the need for proper input sanitization and access controls in production deployments.
This page lists every published CVE security advisory associated with bentoml. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.