Arbitrary Command Execution Vulnerability in BentoML by Bentoml
CVE-2026-33744

7.8HIGH

Key Information:

Vendor: Bentoml
Status: Bentoml
Vendor: CVE Published:; 27 March 2026

What is CVE-2026-33744?

BentoML, a Python library for creating online serving systems tailored for AI applications, contains a vulnerability in its bentofile.yaml configuration file. Prior to version 1.4.37, the docker.system_packages field allowed users to specify arbitrary strings. These strings were directly interpolated into Dockerfile RUN commands without proper sanitization, posing a risk of arbitrary command execution during the bentoml containerize or docker build processes. This flaw could lead to significant security breaches if exploited by an attacker, especially since the system_packages field is intended for valid OS package names. Version 1.4.37 addresses this critical issue, enhancing the overall security of the library.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

BentoML < 1.4.37

References

https://github.com/bentoml/BentoML/security/advisories/GH...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 27, 2026
Vulnerability Reserved
Mar 23, 2026

JSON

Bentoml

What is CVE-2026-33744?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.