Lucene search
K

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/02/23 4:49 p.m.27 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in keras-2.13.1-py3-none-any.whl

Summary IBM Watson Discovery Cartridge affected by vulnerability in keras-2.13.1-py3-none-any.whl Vulnerability Details CVEID:CVE-2025-9906 DESCRIPTION: The Keras Model.loadmodel method can be exploited to achieve arbitrary code execution, even with safemode=True. One can create a specially craft...

8.6CVSS5.8AI score0.00186EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/09/25 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-9906

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Keras Model.loadmodel method can be exploited to achieve arbitrary code execution, even with safemode=True. One can create a specially crafted .keras model...

8.6CVSS7.8AI score0.00186EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2025/09/19 9:31 a.m.5 views

a2grunnerp (>=0.1.0 <=0.1.8), a62-emotion (>=0.9.2 <=0.11.4) +1263 more potentially affected by CVE-2025-9906 via keras (>=1.2.1 <=3.10.0)

keras PYPI version =1.2.1, =0.1.0, =0.9.2, =1.0.1, =0.1.0, =1.1.2, =0.0.8, =0.0.1, =7.13.1, =0.0.1, =0.0.2 and more Source cves: CVE-2025-9906 Source advisory: OSV:GHSA-36FQ-JGMW-4R9C...

8.6CVSS7.4AI score0.00186EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/09/19 8:42 a.m.5 views

decima2 (>=0.1.0 <=0.2.1), gpbench (>=1.0.3 <=1.2.2) +8 more potentially affected by CVE-2025-9906 via keras (>=3.0.0 <=3.10.0)

keras PYPI version =3.0.0, =0.1.0, =1.0.3, =0.0.28, =2.4.0, =0.1.0, =0.1.1, =1.1.0, =1.0.0, =1.2.0 Source cves: CVE-2025-9906 Source advisory: SNYK:PYTHON-KERAS-12927178...

8.6CVSS7.4AI score0.00186EPSS
Exploits0
Cvelist
Cvelist
added 2025/09/19 8:15 a.m.11 views

CVE-2025-9906 Arbitrary Code execution in Keras Safe Mode

The Keras Model.loadmodel method can be exploited to achieve arbitrary code execution, even with safemode=True. One can create a specially crafted .keras model archive that, when loaded via Model.loadmodel, will trigger arbitrary code to be executed. This is achieved by crafting a special...

8.6CVSS0.00186EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2025/09/19 12:0 a.m.2 views

CVE-2025-9906

The Keras Model.loadmodel method can be exploited to achieve arbitrary code execution, even with safemode=True. One can create a specially crafted .keras model archive that, when loaded via Model.loadmodel, will trigger arbitrary code to be executed. This is achieved by crafting a special...

8.6CVSS7.2AI score0.00186EPSS
Exploits0References2
Rows per page
Query Builder