Arbitrary Code Execution Vulnerability in BentoML by Pivotal Software
CVE-2026-35044
8.8 HIGH
What is CVE-2026-35044?
BentoML, a Python library for building optimized serving systems for AI applications, contains a significant vulnerability in its Dockerfile generation process. Prior to version 1.4.38, the function responsible for generating container files used an unsandboxed Jinja2 environment, so a malicious user-provided template could execute arbitrary Python code when it was processed. An attacker can use this flaw to execute harmful commands directly on the host machine, circumventing all existing container isolation measures. The issue is addressed in version 1.4.38.
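The difference between an unsandboxed and a sandboxed Jinja2 environment, as an added example (this is not BentoML's code and not the project's actual patch): a constructed Dockerfile template is rendered through a plain `Environment` and through `SandboxedEnvironment` with `StrictUndefined`. The function names, templates and context values are assumptions made for the illustration.

```python
from jinja2 import Environment, StrictUndefined
from jinja2.exceptions import SecurityError
from jinja2.sandbox import SandboxedEnvironment

# Constructed sample inputs (not taken from BentoML or the advisory).
CONTEXT = {"base_image": "python:3.11-slim", "packages": ["numpy", "pandas"]}
BENIGN_TEMPLATE = (
    "FROM {{ base_image }}\n"
    "RUN pip install {{ packages | join(' ') }}\n"
)
# Harmless probe: it only reads an underscore attribute, the kind of
# object introspection a sandbox has to refuse.
PROBE_TEMPLATE = "FROM {{ base_image }}\n# {{ base_image.__class__ }}\n"


def render_unsandboxed(template_text, context):
    """Weak pattern: a plain Environment evaluates any template expression."""
    return Environment().from_string(template_text).render(**context)


def render_sandboxed(template_text, context):
    """Hardened pattern: returns (ok, rendered_text_or_reason).

    StrictUndefined makes a blocked attribute raise SecurityError when it is
    rendered, instead of silently rendering as an empty string.
    """
    env = SandboxedEnvironment(undefined=StrictUndefined)
    try:
        return True, env.from_string(template_text).render(**context)
    except SecurityError as exc:
        return False, f"rejected: {exc}"


if __name__ == "__main__":
    print(render_unsandboxed(PROBE_TEMPLATE, CONTEXT))  # introspection succeeds
    print(render_sandboxed(PROBE_TEMPLATE, CONTEXT))    # refused by the sandbox
    print(render_sandboxed(BENIGN_TEMPLATE, CONTEXT))   # ordinary template renders
```

The sandbox pattern applies to any code that renders templates from untrusted sources; for this CVE, upgrading to 1.4.38 or later is the remedy the page describes.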
Affected Version(s)
BentoML < 1.4.38
