39 matches found
CVE-2026-12481
A flaw was found in the Keras deep learning library. This vulnerability allows a remote attacker to execute arbitrary code on the system by exploiting improper handling of deserialization in the Lambda layer. Specifically, a security safeguard designed to prevent unsafe deserialization is bypasse...
Linux Distros Unpatched Vulnerability : CVE-2026-12481
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in keras-team/keras version 3.14.0 allows for arbitrary code execution due to improper handling of deserialization in the Lambda layer...
DEBIAN-CVE-2026-12481
A vulnerability in keras-team/keras version 3.14.0 allows for arbitrary code execution due to improper handling of deserialization in the Lambda layer. Specifically, the raiseforlambdadeserialization function fails to enforce the safe-mode guard when safemode is set to None, which is the default...
CVE-2026-12481
A vulnerability in keras-team/keras version 3.14.0 allows for arbitrary code execution due to improper handling of deserialization in the Lambda layer. Specifically, the raiseforlambdadeserialization function fails to enforce the safe-mode guard when safemode is set to None, which is the default...
UBUNTU-CVE-2026-12481
A vulnerability in keras-team/keras version 3.14.0 allows for arbitrary code execution due to improper handling of deserialization in the Lambda layer. Specifically, the raiseforlambdadeserialization function fails to enforce the safe-mode guard when safemode is set to None, which is the default...
CVE-2026-12481
The CVE affects keras-team/keras 3.14.0, where deserialization in the Lambda layer can bypass the safe-mode guard. The root cause is _raise_for_lambda_deserialization() treating safe_mode=None as unset/deny, allowing attacker-controlled marshal bytecode to be deserialized. Affected call sites inc...
CVE-2026-12481
A vulnerability in keras-team/keras version 3.14.0 allows for arbitrary code execution due to improper handling of deserialization in the Lambda layer. Specifically, the raiseforlambdadeserialization function fails to enforce the safe-mode guard when safemode is set to None, which is the default...
CVE-2026-12481 Deserialization of Untrusted Data in keras-team/keras
A vulnerability in keras-team/keras version 3.14.0 allows for arbitrary code execution due to improper handling of deserialization in the Lambda layer. Specifically, the raiseforlambdadeserialization function fails to enforce the safe-mode guard when safemode is set to None, which is the default...
PT-2026-55585
Name of the Vulnerable Software and Affected Versions keras-team/keras version 3.14.0 Description Improper handling of deserialization in the Lambda layer allows for arbitrary OS-level code execution in the context of the server or user process. The raise for lambda deserialization function fails...
Lambda Layer `safe_mode=None` Guard Bypass — Arbitrary Code Execution via `from_config()`
This report is not public...
Arbitrary Code Execution
Keras is vulnerable to Arbitrary Code Execution. The vulnerability is due to Model.loadmodel not honoring safemode=True when reading legacy .h5/.hdf5 archives and deserializing pickled Lambda-layer code from a crafted model file, which allows an attacker to supply a malicious archive that execute...
EUVD-2025-30281
Malicious code in bioql PyPI...
EUVD-2025-30277
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-9905
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Keras Model.loadmodel method can be exploited to achieve arbitrary code execution, even with safemode=True. One can create a specially crafted .h5/.hdf5 mod...
GHSA-36FQ-JGMW-4R9C Keras is vulnerable to Deserialization of Untrusted Data
Arbitrary Code Execution in Keras Keras versions prior to 3.11.0 allow for arbitrary code execution when loading a crafted .keras model archive, even when safemode=True. The issue arises because the archive’s config.json is parsed before layer deserialization. This can invoke...
GHSA-77WQ-646F-JRM2 Duplicate Advisory: The Keras `Model.load_model` method **silently** ignores `safe_mode=True` and allows arbitrary code execution when a `.h5`/`.hdf5` file is loaded.
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-36rr-ww3j-vrjv. This link is maintained to preserve external references. Original Description The Keras Model.loadmodel method can be exploited to achieve arbitrary code execution, even with safemode=True. One c...
Keras is vulnerable to Deserialization of Untrusted Data
Arbitrary Code Execution in Keras Keras versions prior to 3.11.0 allow for arbitrary code execution when loading a crafted .keras model archive, even when safemode=True. The issue arises because the archive’s config.json is parsed before layer deserialization. This can invoke...
PYSEC-2025-123
The Keras Model.loadmodel method can be exploited to achieve arbitrary code execution, even with safemode=True. One can create a specially crafted .h5/.hdf5 model archive that, when loaded via Model.loadmodel, will trigger arbitrary code to be executed. This is achieved by crafting a special...
CVE-2025-9906
The Keras Model.loadmodel method can be exploited to achieve arbitrary code execution, even with safemode=True. One can create a specially crafted .keras model archive that, when loaded via Model.loadmodel, will trigger arbitrary code to be executed. This is achieved by crafting a special...
CVE-2025-9905
The Keras Model.loadmodel method can be exploited to achieve arbitrary code execution, even with safemode=True. One can create a specially crafted .h5/.hdf5 model archive that, when loaded via Model.loadmodel, will trigger arbitrary code to be executed. This is achieved by crafting a special...