CVE-2026-35044 - Vulnerability Analysis
Severity: High
CVSS: 8.8
Last Updated: April 6, 2026
BentoML - Template Injection
Published: April 6, 2026
Updated: April 6, 2026
Remotely Exploitable
Overview
BentoML < 1.4.38 contains a template injection vulnerability: Dockerfile generation uses an unsandboxed jinja2.Environment with the jinja2.ext.do extension loaded, so template content taken from a bento archive can execute arbitrary Python code on the host. Exploitation requires importing a malicious bento archive and then running containerize.
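The following is an added illustration, not BentoML's own code, of the two points the overview makes: a plain jinja2.Environment with the `do` extension exposes everything reachable from the template context, while a SandboxedEnvironment that does not load `do` rejects underscore-prefixed attribute access (reported as SecurityError when StrictUndefined is used) and does not parse the `do` statement at all. The `BentoMeta` object, its `_secret_token` field, and all template strings are constructed for the demo.

```python
"""Unsandboxed vs. sandboxed Dockerfile-template rendering (added example,
not BentoML's code).  Everything below is constructed for the demonstration.
"""
from dataclasses import dataclass

import jinja2
from jinja2.sandbox import SandboxedEnvironment, SecurityError


@dataclass
class BentoMeta:
    """Constructed stand-in for metadata read from an imported bento archive."""
    base_image: str
    # Underscore-prefixed attribute: a sandbox must refuse to expose it.
    _secret_token: str = "constructed-secret"


def render_unsandboxed(template_src: str, meta: BentoMeta) -> str:
    """The risky pattern named in the advisory: a plain Environment with the
    `do` statement extension.  Any attribute reachable from `meta` is exposed."""
    env = jinja2.Environment(extensions=["jinja2.ext.do"])
    return env.from_string(template_src).render(meta=meta)


def render_sandboxed(template_src: str, meta: BentoMeta) -> str:
    """Hardened form: SandboxedEnvironment hides underscore/unsafe attributes,
    StrictUndefined turns that into a SecurityError instead of silent "",
    and the `do` extension is simply not loaded (unknown tag at parse time)."""
    env = SandboxedEnvironment(undefined=jinja2.StrictUndefined)
    return env.from_string(template_src).render(meta=meta)


def try_render(renderer, template_src: str, meta: BentoMeta):
    """Return ("ok", output) or ("blocked", exception class name)."""
    try:
        return "ok", renderer(template_src, meta)
    except (SecurityError, jinja2.TemplateSyntaxError) as exc:
        return "blocked", type(exc).__name__


# Constructed templates standing in for archive-supplied Dockerfile templates.
BENIGN = "FROM {{ meta.base_image }}\nRUN echo hello\n"
PRIVATE_ATTR = "FROM {{ meta.base_image }}\n# {{ meta._secret_token }}\n"
DO_STMT = "{% set items = [] %}{% do items.append('x') %}FROM {{ meta.base_image }}"

SAMPLE_META = BentoMeta(base_image="python:3.11-slim")


def compare_all() -> dict:
    """Render each constructed template with both environments."""
    results = {}
    for name, src in (("benign", BENIGN), ("private_attr", PRIVATE_ATTR), ("do_stmt", DO_STMT)):
        results[name] = {
            "unsandboxed": try_render(render_unsandboxed, src, SAMPLE_META),
            "sandboxed": try_render(render_sandboxed, src, SAMPLE_META),
        }
    return results


if __name__ == "__main__":
    for name, outcome in compare_all().items():
        print(name, outcome)
```

The benign template renders identically in both environments; the other two succeed only in the unsandboxed one. StrictUndefined is used so a blocked attribute fails loudly rather than rendering as an empty string, which is the behaviour a defender wants when the template source is untrusted.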
Severity & Score
Severity: High
CVSS Score: 8.8
Impact
Attackers can execute arbitrary Python code on the host, bypassing container isolation and potentially compromising the entire system.
Mitigation
Update to version 1.4.38 or later.
Details
- CVE ID: CVE-2026-35044
- Severity: High
- CVSS Score: 8.8
- Type: template_injection
- Status: new
CWE
- CWE-1336
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H