Security Research PoC - BentoML picklable_model cloudpickle.load() RCE
Demonstrates unsafe cloudpickle.load() in bentoml/_internal/frameworks/picklable_model.py:73
```python
import bentoml
model = bentoml.picklable_model.load_model('poc-model:latest')
# Prints: [VULNERABLE] BentoML cloudpickle.load() RCE:
# uid=501(user) gid=20(staff) ...
```
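The root cause is that loading a pickle stream resolves whatever module-level names the stream references and calls them, which is what a malicious `picklable_model` artifact abuses. The example below is added here and is not code from this PoC or from BentoML: it shows the two defender-side controls a practitioner would want before calling any pickle-based loader on an untrusted artifact, a static opcode scan with `pickletools` that never executes the stream, and a `pickle.Unpickler` subclass whose `find_class()` only resolves an explicit allowlist. The allowlist and the sample streams are constructed for this demo; cloudpickle reuses the standard library loader, so the same `Unpickler` controls apply to it.

```python
import collections
import io
import pickle
import pickletools

# Opcodes that can import a callable or invoke one while the stream loads.
# Their presence is not proof of malice (many legitimate objects need them),
# but a "pure data" artifact should contain none of them.
EXECUTING_OPCODES = {
    "GLOBAL", "STACK_GLOBAL", "INST", "OBJ",
    "NEWOBJ", "NEWOBJ_EX", "REDUCE", "BUILD",
}


def scan_pickle(data: bytes) -> list[str]:
    """Disassemble `data` with pickletools and report code-executing opcodes.

    pickletools.genops only parses the stream; nothing is imported or called.
    """
    findings = []
    for opcode, arg, pos in pickletools.genops(data):
        if opcode.name in EXECUTING_OPCODES:
            detail = f" {arg!r}" if arg is not None else ""
            findings.append(f"{opcode.name}@{pos}{detail}")
    return findings


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler whose find_class() only resolves an explicit allowlist.

    The allowlist below is a hypothetical policy for this example, not
    BentoML's; a real deployment would list exactly the classes its model
    artifacts legitimately contain.
    """

    ALLOWED = {
        ("collections", "OrderedDict"),
    }

    def find_class(self, module: str, name: str):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"refusing to resolve {module}.{name} referenced by pickle stream"
        )


def safe_loads(data: bytes):
    """Load `data` through the restricted unpickler."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def is_refused(data: bytes) -> bool:
    """True if the restricted unpickler rejects `data`."""
    try:
        safe_loads(data)
    except pickle.UnpicklingError:
        return True
    return False


def make_samples() -> dict[str, bytes]:
    """Constructed sample streams for the demo (not real BentoML artifacts)."""
    return {
        # plain containers: no GLOBAL/REDUCE at all
        "benign": pickle.dumps({"a": 1, "b": [1, 2, 3]}),
        # needs GLOBAL + REDUCE to rebuild, but the class is allowlisted
        "allowed_global": pickle.dumps(collections.OrderedDict(x=1)),
        # needs GLOBAL + REDUCE and the class is not allowlisted
        "refused_global": pickle.dumps(collections.deque([1])),
    }


if __name__ == "__main__":
    for label, blob in make_samples().items():
        print(label, "opcodes:", scan_pickle(blob) or "none")
        print(label, "restricted load refused:", is_refused(blob))
```

The scan is the cheap gate to run at upload or import time (an artifact with no `GLOBAL`/`REDUCE` opcodes cannot run code on load); the restricted unpickler is the runtime control for artifacts that legitimately need a few known classes, since every import the stream requests must pass `find_class()` first. Neither replaces moving to a non-executing format for model data where the framework supports one.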