Openllm
Monthly
Command injection in bentoml OpenLLM 0.6.30 allows local low-privilege users to execute arbitrary shell commands by supplying crafted model repository directory name arguments to the `async_run_command` function in `src/openllm/common.py`. A public proof-of-concept exploit is available per the CVSS 4.0 E:P modifier and disclosure notes, though no CISA KEV listing exists and the project had not responded to responsible disclosure at the time of reporting. The CVSS 4.0 base score of 1.9 reflects a constrained real-world risk profile due to the strictly local attack vector and limited Low-rated confidentiality, integrity, and availability impact.
Command injection in bentoml OpenLLM 0.6.30 allows local low-privilege users to execute arbitrary shell commands by supplying crafted model repository directory name arguments to the `async_run_command` function in `src/openllm/common.py`. A public proof-of-concept exploit is available per the CVSS 4.0 E:P modifier and disclosure notes, though no CISA KEV listing exists and the project had not responded to responsible disclosure at the time of reporting. The CVSS 4.0 base score of 1.9 reflects a constrained real-world risk profile due to the strictly local attack vector and limited Low-rated confidentiality, integrity, and availability impact.