14329 matches found
CVE-2026-1462
A vulnerability in the TFSMLayer class of the keras package, version 3.13.0, allows attacker-controlled TensorFlow SavedModels to be loaded during deserialization of .keras models, even when safemode=True. This bypasses the security guarantees of safemode and enables arbitrary attacker-controlled...
CVE-2026-1462 Safe Mode Bypass in keras-team/keras
A vulnerability in the TFSMLayer class of the keras package, version 3.13.0, allows attacker-controlled TensorFlow SavedModels to be loaded during deserialization of .keras models, even when safemode=True. This bypasses the security guarantees of safemode and enables arbitrary attacker-controlled...
Security Bulletin: Arbitrary File Read, SSRF, and Code Execution Vulnerabilities in TensorFlow Keras Model Loading (v2.13) affects watsonx.data
Summary A vulnerability in TensorFlow Keras v2.13 allows malicious .keras model files to trigger arbitrary local file reads, Server-Side Request Forgery SSRF, and potential code execution during model loading—even when safemode=True is enabled. The issue arises from improper handling of external...
OSV-2026-437 Heap-use-after-free in tf::Executor::_invoke
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=494709474 Crash type: Heap-use-after-free WRITE 8 Crash state: tf::Executor::invoke tf::Executor::spawn void std::1::threadproxy...
GHSA-QJXF-F2MG-C6MC vulnerabilities
Vulnerabilities for packages: mitmproxy, tensorflow-cpu-jupyter, dask-kubernetes, airflow, kubeflow-pipelines-visualization-server...
CVE-2026-31958 vulnerabilities
Vulnerabilities for packages: mitmproxy, tensorflow-cpu-jupyter, dask-kubernetes, airflow, kubeflow-pipelines-visualization-server...
AZL-79652 CVE-2026-3713 affecting package tensorflow 2.16.1-11
A flaw has been found in pnggroup libpng up to 1.6.55. Affected by this vulnerability is the function dopnm2png of the file contrib/pngminus/pnm2png.c of the component pnm2png. This manipulation of the argument width/height causes heap-based buffer overflow. The attack is restricted to local...
AZL-79646 CVE-2026-3713 affecting package tensorflow 2.11.1-2
A flaw has been found in pnggroup libpng up to 1.6.55. Affected by this vulnerability is the function dopnm2png of the file contrib/pngminus/pnm2png.c of the component pnm2png. This manipulation of the argument width/height causes heap-based buffer overflow. The attack is restricted to local...
AZL-79649 CVE-2026-27142 affecting package tensorflow 2.16.1-11
Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escaping URLs in actio...
AZL-79410 CVE-2026-3381 affecting package python-tensorflow-estimator 2.11.0-2
Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for...
AZL-79487 CVE-2026-3381 affecting package tensorflow 2.16.1-11
Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for...
AZL-79455 CVE-2026-3381 affecting package tensorflow 2.11.1-2
Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for...
AZL-79491 CVE-2026-2297 affecting package tensorflow 2.16.1-11
The import hook in CPython that handles legacy .pyc files SourcelessFileLoader is incorrectly handled in FileLoader a base class and so does not use io.opencode to read the .pyc files. sys.audit handlers for this audit event therefore do not fire...
CVE-2026-2492 affecting package tensorflow for versions less than 2.16.1-11
CVE-2026-2492 affecting package tensorflow for versions less than 2.16.1-11. A patched version of the package is available...
OSV-2026-304 Heap-use-after-free in tf::Executor::_invoke
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=486618382 Crash type: Heap-use-after-free READ 4 Crash state: tf::Executor::invoke tf::Executor::spawn void std::1::threadproxy...
TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
...
SUSE CVE-2026-2492
TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of TensorFlow. An attacker must first obtain the ability to execute low-privileged code on the target syste...
Malicious code in tensorflow-opt (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c2197ee3bfb727ff46f407a50a515013ad05c423bfe202eea90eb6b593f08b14 Package is likely a dependency confusion against some legitimate extension packages for TensorFlow but contains just cryptominers. When calling the "start"...
MAL-2026-983 Malicious code in tensorflow-opt (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c2197ee3bfb727ff46f407a50a515013ad05c423bfe202eea90eb6b593f08b14 Package is likely a dependency confusion against some legitimate extension packages for TensorFlow but contains just cryptominers. When calling the "start"...
Linux Distros Unpatched Vulnerability : CVE-2026-2492
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate...