Nixpkgs security tracker
NIXPKGS-2026-1038
GitHub issue
published on
Permalink
CVE-2026-35043
7.8 HIGH
- CVSS version: 3.1
- Attack vector (AV): LOCAL
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): REQUIRED
- Scope (S): UNCHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): HIGH
- Availability impact (A): HIGH
by @LeSuisse Activity log
- Created automatic suggestion
- @LeSuisse accepted
- @LeSuisse published on GitHub
BentoML: command injection in cloud deployment setup script (deployment.py)
BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.38, the cloud deployment path in src/bentoml/_internal/cloud/deployment.py was not included in the fix for CVE-2026-33744. Line 1648 interpolates system_packages directly into a shell command using an f-string without any quoting. The generated script is uploaded to BentoCloud as setup.sh and executed on the cloud build infrastructure during deployment, making this a remote code execution on the CI/CD tier. This vulnerability is fixed in 1.4.38.
References
-
https://github.com/bentoml/BentoML/security/advisories/GHSA-fgv4-6jr3-jgfw x_refsource_CONFIRM
Affected products
BentoML
- ==< 1.4.38
Matching in nixpkgs
pkgs.python312Packages.bentoml
Build Production-Grade AI Applications
Package maintainers
-
@natsukium Tomoya Otabi <nixpkgs@natsukium.com>
-
@happysalada Raphael Megzari <raphael@megzari.com>