CVE-2026-0897

creationtimestamp| type| source ---|---|--- 2026-03-29 09:00:03+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/77758 2026-03-29 15:00:08+00:00| published-proof-of-concept| Telegram/Fln1CDV-IIlp7EGS7hrJibbBYDcdeDsNTgWenTzMncUGCI 2026-04-29 19:58:54+00:00| published-proof-of-concept|...

adpred (=1.3.2), bacpipe (>=1.2.0 <=1.3.2.dev0) +16 more potentially affected by CVE-2026-0897 via keras (>=3.0.0 <=3.12.0)

keras PYPI version =3.0.0, =1.2.0, =0.1.0, =0.0.4, =0.4.7, =1.0.3, =0.0.28, =0.2.0, =2.4.0, =0.1.0, =0.1.1, =14.0.0, =14.1.0 and more Source cves: CVE-2026-0897 Source advisory: SNYK:PYTHON-KERAS-14947722...

adpred (=1.3.2), bacpipe (>=1.2.0 <=1.3.2.dev0) +19 more potentially affected by CVE-2026-0897 via keras (>=3.0.0 <=3.13.0)

keras PYPI version =3.0.0, =1.2.0, =0.1.0, =0.0.4, =0.4.7, =1.0.3, =0.0.28, =0.2.0, =2.4.0, =3.14.3, =0.1.0, =0.0.60, =0.0.61 and more Source cves: CVE-2026-0897 Source advisory: OSV:PYSEC-2026-73...

CVE-2026-0897

CVE-2026-0897 affects Google Keras (3.0.0–3.13.0) via the HDF5 weight loading component. A crafted .keras archive containing a valid model.weights.h5 file with an extremely large dataset shape can trigger memory exhaustion and crash the Python interpreter, causing a Denial of Service. Some connec...

CVE-2026-0897 Denial of Service in Keras via Excessive Memory Allocation in HDF5 Metadata

Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service DoS through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive...