CVE-2025-27520

CRITICAL

BentoML v1.4.2 - RCE

Title source: llm

Description

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. A Remote Code Execution (RCE) vulnerability caused by insecure deserialization has been identified in the latest version (v1.4.2) of BentoML. It allows any unauthenticated user to execute arbitrary code on the server. It exists an unsafe code segment in serde.py. This vulnerability is fixed in 1.4.3.

Exploits (3)

nomisec WORKING POC

by Evillm · poc

https://github.com/Evillm/CVE-2025-27520-PoC

View Code ZIP pw:eip

nomisec WORKING POC

by amalpvatayam67 · poc

https://github.com/amalpvatayam67/day09-bentoml-deser-lab

View Code ZIP pw:eip

metasploit WORKING POC EXCELLENT

by c2an1, Takahiro Yokoyama · rubypocpython

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/bentoml_rce_cve_2025_27520.rb

View Code ZIP pw:eip

References (2)

[Patch] https://github.com/bentoml/BentoML/commit/b35f4f4fcc53a8c3fe8ed9c18a013fe0a728e194

[Exploit, Third Party Advisory] https://github.com/bentoml/BentoML/security/advisories/GHSA-33xw-247w-6hmc

Scores

CVSS v3 9.8

EPSS 0.8735

EPSS Percentile 99.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-502

Status published

Affected Products (2)

bentoml/bentoml < 1.4.2

pypi/bentoml < 1.4.3PyPI

Timeline

Published Apr 04, 2025

Tracked Since Feb 18, 2026