A vulnerability was found in BentoML up to 1.4.37 and classified as critical . Affected is the function generate_containerfile of the file src/bentoml/_internal/container/generate.py . Executing a manipulation can lead to improper neutralization of special elements used in a template engine. This vulnerability appears as CVE-2026-35044 . The attack may be performed from remote. There is no available exploit. It is suggested to upgrade the affected component.