Lucene search
K

2009 matches found

Vulnrichment
Vulnrichment
added 2026/02/19 7:19 p.m.4 views

CVE-2026-26200 HDF5 Affected by H5T__conv_struct_opt Heap Buffer Overflow

HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer overflow condition. This can lead to a denial-of-service condition, and potentially further issues such as remote code execution depending on...

7.8CVSS6.7AI score0.00356EPSS
Exploits1References1
CVE
CVE
added 2026/02/19 7:19 p.m.31 views

CVE-2026-26200

CVE-2026-26200 affects HDF5 before version 1.14.4-2. An attacker able to control an HDF5 file being parsed can trigger a write-based heap buffer overflow, causing a denial of service and potentially, depending on the OS and exploitability, remote code execution. Real-world exploitation for RCE is...

7.8CVSS6.7AI score0.00356EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/02/19 7:19 p.m.23 views

CVE-2026-26200 HDF5 Affected by H5T__conv_struct_opt Heap Buffer Overflow

HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer overflow condition. This can lead to a denial-of-service condition, and potentially further issues such as remote code execution depending on...

7.8CVSS0.00356EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/02/19 7:19 p.m.5 views

CVE-2026-26200

HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer overflow condition. This can lead to a denial-of-service condition, and potentially further issues such as remote code execution depending on...

7.8CVSS6.7AI score0.00356EPSS
Exploits1
Zero Day Initiative
Zero Day Initiative
added 2026/02/19 12:0 a.m.6 views

TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of TensorFlow. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of plugins...

7CVSS6.2AI score0.00252EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.7 views

PT-2026-20861

Name of the Vulnerable Software and Affected Versions TensorFlow affected versions not specified Description A flaw exists in TensorFlow due to insecure handling of plugins, allowing local attackers to potentially escalate privileges on affected systems. An attacker must first have the ability to...

7CVSS7.5AI score0.00252EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-26200

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer...

7.8CVSS6.8AI score0.00356EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/02/18 10:41 p.m.12 views

Keras has a Local File Disclosure via HDF5 External Storage During Keras Weight Loading

Summary TensorFlow / Keras continues to honor HDF5 “external storage” and ExternalLink features when loading weights. A malicious .weights.h5 or a .keras archive embedding such weights can direct loadweights to read from an arbitrary readable filesystem path. The bytes pulled from that path...

7.5CVSS5.8AI score0.00298EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2026/02/12 12:31 a.m.11 views

Duplicate Advisory: Keras vulnerable to arbitrary file read in the model loading mechanism (HDF5 integration)

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-3m4q-jmj6-r34q. This link is maintained to preserve external references. Original Description Arbitrary file read in the model loading mechanism HDF5 integration in Keras versions 3.0.0 through 3.13.1 on all...

7.5CVSS5.3AI score0.00298EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/02/12 12:31 a.m.7 views

GHSA-GFMX-QQQH-F38Q Duplicate Advisory: Keras vulnerable to arbitrary file read in the model loading mechanism (HDF5 integration)

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-3m4q-jmj6-r34q. This link is maintained to preserve external references. Original Description Arbitrary file read in the model loading mechanism HDF5 integration in Keras versions 3.0.0 through 3.13.1 on all...

7.1CVSS5.8AI score0.00298EPSS
Exploits0References3
OSV
OSV
added 2026/02/11 11:16 p.m.4 views

AZL-77414 CVE-2026-1669 affecting package keras 3.3.3-6

Arbitrary file read in the model loading mechanism HDF5 integration in Keras versions 3.0.0 through 3.13.1 on all supported platforms allows a remote attacker to read local files and disclose sensitive information via a crafted .keras model file utilizing HDF5 external dataset references...

7.5CVSS5.8AI score0.00298EPSS
Exploits0References1
OSV
OSV
added 2026/02/11 11:16 p.m.5 views

DEBIAN-CVE-2026-1669

Arbitrary file read in the model loading mechanism HDF5 integration in Keras versions 3.0.0 through 3.13.1 on all supported platforms allows a remote attacker to read local files and disclose sensitive information via a crafted .keras model file utilizing HDF5 external dataset references...

7.5CVSS5.2AI score0.00298EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/02/11 11:16 p.m.8 views

CVE-2026-1669

Arbitrary file read in the model loading mechanism HDF5 integration in Keras versions 3.0.0 through 3.13.1 on all supported platforms allows a remote attacker to read local files and disclose sensitive information via a crafted .keras model file utilizing HDF5 external dataset references...

7.5CVSS5.8AI score0.00298EPSS
Exploits0References2
OSV
OSV
added 2026/02/11 11:16 p.m.8 views

UBUNTU-CVE-2026-1669

Arbitrary file read in the model loading mechanism HDF5 integration in Keras versions 3.0.0 through 3.13.1 on all supported platforms allows a remote attacker to read local files and disclose sensitive information via a crafted .keras model file utilizing HDF5 external dataset references...

7.5CVSS5.8AI score0.00298EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/11 10:10 p.m.5 views

CVE-2026-1669

Arbitrary file read in the model loading mechanism HDF5 integration in Keras versions 3.0.0 through 3.13.1 on all supported platforms allows a remote attacker to read local files and disclose sensitive information via a crafted .keras model file utilizing HDF5 external dataset references...

7.1CVSS5.4AI score0.00298EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/02/11 10:10 p.m.6 views

CVE-2026-1669

Arbitrary file read in the model loading mechanism HDF5 integration in Keras versions 3.0.0 through 3.13.1 on all supported platforms allows a remote attacker to read local files and disclose sensitive information via a crafted .keras model file utilizing HDF5 external dataset references...

7.5CVSS5.2AI score0.00298EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.6 views

PT-2026-7728

Name of the Vulnerable Software and Affected Versions Keras versions 3.0.0 through 3.13.1 Description A flaw exists in the model loading mechanism, specifically within the HDF5 integration of Keras. This issue allows a remote attacker to read local files and potentially disclose sensitive...

7.5CVSS5.4AI score0.00298EPSS
Exploits0References31
Debian
Debian
added 2026/02/06 9:24 p.m.7 views

[SECURITY] [DLA 4471-1] debian-security-support update

Debian LTS Advisory DLA-4471-1 [email protected] https://www.debian.org/lts/security/ Santiago Ruano Rincón February 06, 2026 https://wiki.debian.org/LTS Package : debian-security-support Version : 1:11+2026.02.06 Debian Bug : 1117607 1119290 1124248 debian-security-support, the Debian...

5.8AI score
Exploits0
OSV
OSV
added 2026/01/29 6:52 a.m.2 views

ROOT-OS-DEBIAN-11-CVE-2024-29164 CVE-2024-29164 in rootio-hdf5 - Patched by Root

Root has patched CVE-2024-29164 in the rootio-hdf5 package for Root:Debian:11. Multiple fixed versions available...

9.8CVSS5.4AI score0.00865EPSS
Exploits0
OSV
OSV
added 2026/01/29 6:52 a.m.3 views

ROOT-OS-DEBIAN-11-CVE-2024-32621 CVE-2024-32621 in rootio-hdf5 - Patched by Root

Root has patched CVE-2024-32621 in the rootio-hdf5 package for Root:Debian:11. Multiple fixed versions available...

9.8CVSS5.4AI score0.00927EPSS
Exploits0
Rows per page
Query Builder