PYSEC-2026-2089

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/bentoml/PYSEC-2026-2089.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-2089
Aliases
Published
2026-07-08T14:16:56.643Z
Modified
2026-07-10T11:30:05.951427430Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A vulnerability was found in bentoml OpenLLM 0.6.30. This affects the function asyncruncommand of the file src/openllm/common.py of the component Model Repository Directory Name Handler. Performing a manipulation of the argument cmd results in command injection. Attacking locally is a requirement. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.

References

Affected packages

PyPI / bentoml

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Last affected
0.6.30

Affected versions

0.*
0.0.1
0.0.2
0.0.3
0.0.5
0.0.6a0
0.0.7.dev0
0.0.7
0.0.8
0.0.8.post1
0.0.9
0.1.1
0.1.2
0.2.0
0.2.1
0.2.2
0.3.0
0.3.1
0.3.3
0.3.4
0.4.0
0.4.1
0.4.2
0.4.3
0.4.4
0.4.5
0.4.7
0.4.8
0.4.9
0.5.0
0.5.1
0.5.2
0.5.3
0.5.4
0.5.5
0.5.6
0.5.7
0.5.8
0.6.0
0.6.1
0.6.2
0.6.3

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/bentoml/PYSEC-2026-2089.yaml"