Google Keras
4 CVEs affecting Google Keras. Latest disclosed: 2026-02-11. Critical: 1, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-1550 | Critical | 9.8 | 2025-03-11 | The Keras Model.load_model function permits arbitrary code execution, even with safe_mode=True, through a manually constructed, malicious .keras archive. By al… |
CVE-2025-8747 | High | 7.8 | 2025-08-11 | A safe mode bypass vulnerability in the `Model.load_model` method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution… |
CVE-2026-1669 | High | 7.5 | 2026-02-11 | Arbitrary file read in the model loading mechanism (HDF5 integration) in Keras versions 3.0.0 through 3.13.1 on all supported platforms allows a remote attacke… |
CVE-2026-0897 | High | 7.5 | 2026-01-15 | Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote… |