Google Keras

4 CVEs affecting Google Keras. Latest disclosed: 2026-02-11. Critical: 1, High: 3.

Top CVEs affecting Google Keras
CVESeverityScorePublishedSummary
CVE-2025-1550Critical9.82025-03-11The Keras Model.load_model function permits arbitrary code execution, even with safe_mode=True, through a manually constructed, malicious .keras archive. By al…
CVE-2025-8747High7.82025-08-11A safe mode bypass vulnerability in the `Model.load_model` method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution…
CVE-2026-1669High7.52026-02-11Arbitrary file read in the model loading mechanism (HDF5 integration) in Keras versions 3.0.0 through 3.13.1 on all supported platforms allows a remote attacke…
CVE-2026-0897High7.52026-01-15Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote…