381 matches found
CVE-2025-9905 Arbitary Code execution in Keras load_model()
The Keras Model.loadmodel method can be exploited to achieve arbitrary code execution, even with safemode=True. One can create a specially crafted .h5/.hdf5 model archive that, when loaded via Model.loadmodel, will trigger arbitrary code to be executed. This is achieved by crafting a special...
CVE-2025-9905 Arbitary Code execution in Keras load_model()
The Keras Model.loadmodel method can be exploited to achieve arbitrary code execution, even with safemode=True. One can create a specially crafted .h5/.hdf5 model archive that, when loaded via Model.loadmodel, will trigger arbitrary code to be executed. This is achieved by crafting a special...
CVE-2025-9906 Arbitrary Code execution in Keras Safe Mode
The Keras Model.loadmodel method can be exploited to achieve arbitrary code execution, even with safemode=True. One can create a specially crafted .keras model archive that, when loaded via Model.loadmodel, will trigger arbitrary code to be executed. This is achieved by crafting a special...
CVE-2025-9906 Arbitrary Code execution in Keras Safe Mode
The Keras Model.loadmodel method can be exploited to achieve arbitrary code execution, even with safemode=True. One can create a specially crafted .keras model archive that, when loaded via Model.loadmodel, will trigger arbitrary code to be executed. This is achieved by crafting a special...
CVE-2025-9906
CVE-2025-9906 affects Keras Model.load_model: loading a specially crafted .keras archive can bypass safe_mode and trigger arbitrary code execution via a config.json entry that enables unsafe deserialization, followed by a Lambda layer with pickled code. Impact is arbitrary code execution during m...
PT-2025-38518
Name of the Vulnerable Software and Affected Versions Keras affected versions not specified Description The Model.load model method is susceptible to arbitrary code execution, even when safe mode is enabled. A specially crafted .keras model archive containing a modified config.json file can trigg...
PT-2025-38517
Name of the Vulnerable Software and Affected Versions Keras affected versions not specified Description The Model.load model method can be exploited to achieve arbitrary code execution, even when safe mode is enabled. This is possible by creating a specially crafted .h5 or .hdf5 model archive tha...
Malicious code in ebos_lambda_utils (npm)
The package eboslambdautils was found to contain malicious code...
Malicious code in authenticate-log-lambda-double-notify (npm)
The package authenticate-log-lambda-double-notify was found to contain malicious code...
MAL-2025-39766 Malicious code in xi-secure-lambda-uglify-authorize (npm)
The package xi-secure-lambda-uglify-authorize was found to contain malicious code...
MAL-2025-26601 Malicious code in module-daemon-sun-stub-lambda (npm)
The package module-daemon-sun-stub-lambda was found to contain malicious code...
MAL-2025-20566 Malicious code in final-lambda-java-fast-gamma (npm)
The package final-lambda-java-fast-gamma was found to contain malicious code...
Malicious code in big-lambda-report-transpile-beta (npm)
The package big-lambda-report-transpile-beta was found to contain malicious code...
MAL-2025-18144 Malicious code in debug-book-analyze-easy-lambda (npm)
The package debug-book-analyze-easy-lambda was found to contain malicious code...
Malicious code in lambda-pipeline-construct (npm)
The package lambda-pipeline-construct was found to contain malicious code...
Malicious code in scale-route-bash-lambda-class (npm)
The package scale-route-bash-lambda-class was found to contain malicious code...
MAL-2025-25471 Malicious code in load-lambda-fire-code-emulate (npm)
The package load-lambda-fire-code-emulate was found to contain malicious code...
MAL-2025-24940 Malicious code in lambda-pipeline-construct (npm)
The package lambda-pipeline-construct was found to contain malicious code...
MAL-2025-39878 Malicious code in xml-query-minify-error-lambda (npm)
The package xml-query-minify-error-lambda was found to contain malicious code...
MAL-2025-24939 Malicious code in lambda-fast-yaml-quick-virtualize (npm)
The package lambda-fast-yaml-quick-virtualize was found to contain malicious code...