CVE-2025-54381: BentoML is a Python library for building online serving systems optimized for AI apps and model inference. In versions 1
Summary
BentoML versions 1.4.0 up to, but not including, 1.4.19 have an SSRF vulnerability (server-side request forgery, where an attacker tricks a server into making requests to internal or restricted addresses) in the file upload feature. An unauthenticated attacker can exploit it to force the server to download files from any URL, including internal network addresses and cloud metadata endpoints (services that store sensitive information), with no validation of the URL.
Solution / Mitigation
Upgrade to version 1.4.19 or later, which contains a patch for the issue.
Vulnerability Details
9.9 (critical)
EPSS: 0.5%
Related Issues
CVE-2022-29200: TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implem
CVE-2021-29541: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null p
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-54381
First tracked: February 15, 2026 at 08:45 PM