{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-44346","assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","state":"PUBLISHED","assignerShortName":"GitHub_M","dateReserved":"2026-05-05T19:52:59.148Z","datePublished":"2026-05-27T17:22:47.101Z","dateUpdated":"2026-05-27T17:22:47.101Z"},"containers":{"cna":{"title":"BentoML: Dockerfile command injection via envs[*].name in bentofile.yaml","problemTypes":[{"descriptions":[{"cweId":"CWE-78","lang":"en","description":"CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","type":"CWE"}]},{"descriptions":[{"cweId":"CWE-94","lang":"en","description":"CWE-94: Improper Control of Generation of Code ('Code Injection')","type":"CWE"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"}}],"references":[{"name":"https://github.com/bentoml/BentoML/security/advisories/GHSA-w2pm-x38x-jp44","tags":["x_refsource_CONFIRM"],"url":"https://github.com/bentoml/BentoML/security/advisories/GHSA-w2pm-x38x-jp44"}],"affected":[{"vendor":"bentoml","product":"BentoML","versions":[{"version":"< 1.4.39","status":"affected"}]}],"providerMetadata":{"orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M","dateUpdated":"2026-05-27T17:22:47.101Z"},"descriptions":[{"lang":"en","value":"BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, a malicious bentofile.yaml containing a newline-injected value in envs[*].name produces unquoted RUN directives in the BentoML-generated Dockerfile. When the victim runs bentoml containerize on the imported bento, those RUN directives execute on the host during docker build. This vulnerability is fixed in 1.4.39."}],"source":{"advisory":"GHSA-w2pm-x38x-jp44","discovery":"UNKNOWN"}}}}