CVE-2026-44345

Name of the Vulnerable Software and Affected Versions BentoML versions prior to 1.4.39

Description BentoML is a Python library used for building online serving systems optimized for AI applications and model inference. The issue occurs because the template src/bentoml/ internal/container/frontend/dockerfile/templates/base v2.j2 interpolates the docker.base image variable without escaping, newline filtering, or validation. A malicious bento.yaml file containing a multi-line value for docker.base image can smuggle arbitrary Dockerfile directives into the generated Dockerfile. When the bentoml containerize command is executed, it triggers a docker build that runs the injected RUN directives on the host system.

Recommendations Update to version 1.4.39.