Vulnerabilities in Partial TEE-Shielded LLM Inference with Precomputed Noise
The deployment of large language models (LLMs) on third-party devices requires new ways to protect model intellectual property. While Trusted Execution Environments (TEEs) offer a promising solution, their performance limits can lead to a critical compromise: using a precomputed, static secret basis ...
CVE-2026-0897
A flaw was found in Keras. A remote attacker can cause a Denial of Service (DoS) by providing a specially crafted .keras archive containing a model weights file (model.weights.h5) that declares an extremely large data shape. This can lead to excessive memory allocation, resulting in memory exhaustion...
CVE-2026-0897
Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (DoS) through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive...
UBUNTU-CVE-2026-0897
Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (DoS) through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive...
CVE-2026-0897
CVE-2026-0897 affects Google Keras (3.0.0–3.13.0) via the HDF5 weight loading component. A crafted .keras archive containing a valid model.weights.h5 file with an extremely large dataset shape can trigger memory exhaustion and crash the Python interpreter, causing a Denial of Service. Some connec...
CVE-2026-0897 Denial of Service in Keras via Excessive Memory Allocation in HDF5 Metadata
Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (DoS) through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive...
PT-2026-3014
Name of the Vulnerable Software and Affected Versions: Keras versions 3.0.0 through 3.13.0. Description: A flaw exists in the HDF5 weight loading component of Keras that allows for a denial of service. An attacker can provide a crafted .keras archive containing a valid model.weights.h5 file. This fi...
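The CVE-2026-0897 entries above all describe the same hazard: an HDF5 weights file is small on disk because dataset headers only declare a shape, yet Keras allocates a dense array of that declared shape when it reads the weights. The check a practitioner wants is therefore a walk over the declared shapes before anything is materialised. The following is an added example, not Keras project code: it assumes the Keras 3 archive layout (a zip whose weights member is named model.weights.h5), that h5py is installed for the HDF5 walk, and illustrative byte budgets; the function names and limits are this example's own.

```python
"""Pre-load shape audit for a Keras 3 .keras archive.

Added example, not Keras project code. Assumes the Keras 3 archive layout
(a zip whose weights member is model.weights.h5) and that h5py is installed
for the HDF5 walk; names and budgets are the example's own.
"""
import io
import math
import zipfile

WEIGHTS_MEMBER = "model.weights.h5"  # weights member name in a Keras 3 archive


def declared_nbytes(shape, itemsize):
    """Bytes a dense in-memory array with this shape and element size needs.

    Python ints do not wrap, so a huge product stays huge instead of
    silently overflowing to a small value the way a fixed-width size_t can.
    """
    shape = tuple(int(d) for d in shape)
    if any(d < 0 for d in shape):
        raise ValueError(f"negative dimension in shape {shape}")
    return math.prod(shape) * int(itemsize)


def check_dataset(name, shape, itemsize, max_bytes):
    """Return None when the dataset fits the budget, else a reason string."""
    nbytes = declared_nbytes(shape, itemsize)
    if nbytes > max_bytes:
        return (f"{name}: declared shape {tuple(shape)} x {itemsize} B "
                f"= {nbytes} B exceeds per-dataset budget {max_bytes} B")
    return None


def audit_weights_h5(data, max_bytes, max_total_bytes):
    """Walk raw HDF5 bytes and return a list of budget violations.

    Only metadata is touched: obj.shape and obj.dtype come from the dataset
    header, so no element data is read and no large array is allocated.
    """
    import h5py  # lazy import: the pure checks above work without h5py

    problems = []
    total = 0
    with h5py.File(io.BytesIO(data), "r") as h5:
        def visit(name, obj):
            nonlocal total
            if isinstance(obj, h5py.Dataset):
                itemsize = obj.dtype.itemsize
                total += declared_nbytes(obj.shape, itemsize)
                reason = check_dataset(name, obj.shape, itemsize, max_bytes)
                if reason:
                    problems.append(reason)
        h5.visititems(visit)
    if total > max_total_bytes:
        problems.append(f"all datasets: {total} B declared exceeds "
                        f"total budget {max_total_bytes} B")
    return problems


def audit_keras_archive(path, max_bytes=2 * 1024**3,
                        max_total_bytes=16 * 1024**3,
                        max_member_bytes=512 * 1024**2):
    """Audit model.weights.h5 inside a .keras zip before handing it to Keras.

    Returns an empty list when the archive is within budget. The member is
    parsed from memory, so its own decompressed size is capped first; the
    point of the audit is that a tiny member can still declare huge shapes.
    """
    with zipfile.ZipFile(path) as zf:
        try:
            info = zf.getinfo(WEIGHTS_MEMBER)
        except KeyError:
            return [f"{WEIGHTS_MEMBER} not present in {path}"]
        if info.file_size > max_member_bytes:  # header's claimed size
            return [f"{WEIGHTS_MEMBER}: {info.file_size} B exceeds "
                    f"member budget {max_member_bytes} B"]
        data = zf.read(info)
    return audit_weights_h5(data, max_bytes, max_total_bytes)


if __name__ == "__main__":
    import sys
    findings = audit_keras_archive(sys.argv[1])
    for finding in findings:
        print("REJECT", finding)
    sys.exit(1 if findings else 0)
```

Run `audit_keras_archive("model.keras")` and refuse to call the Keras loader when it returns anything; size the budgets to the host that will hold the weights, since the same shapes that are harmless on a training box exhaust a small inference container. This is a compensating control around untrusted model files, used alongside moving to a Keras release outside the affected 3.0.0 through 3.13.0 range.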
EUVD-2025-0192
Malicious code in bioql PyPI...
Dependency chain attack through hijacking broken GitHub repository at https://github.com/huggingface/transformers/blob/main/src/transformers/models/fuyu/convert_fuyu_model_weights_to_hf.py
Description. Type: Dependency Chain Attack through hijacking broken GitHub repository. Risk: High; allows arbitrary code execution in model conversion workflows. Affected Asset: https://github.com/adept-ai-labs/adept-inference (broken URL in Hugging Face Transformers). Root Cause: The Hugging Face...
ObfusBFA: a Holistic Approach to Safeguarding DNNs from Different Types of Bit-Flip Attacks
Bit-flip attacks (BFAs) represent a serious threat to Deep Neural Networks (DNNs), where flipping a small number of bits in the model parameters or binary code can significantly degrade the model accuracy or mislead the model prediction in a desired way. Existing defenses exclusively focus on...
CVE-2022-29796
The HiAIserver has a vulnerability in verifying the validity of the weight used in the model. Successful exploitation of this vulnerability will affect AI services...
CVE-2022-29791
The HiAIserver has a vulnerability in verifying the validity of the weight used in the model. Successful exploitation of this vulnerability will affect AI services...
CVE-2022-22261
The HiAIserver has a vulnerability in verifying the validity of the weight used in the model. Successful exploitation of this vulnerability will affect AI services...
HUAWEI HarmonyOS Security Vulnerability
HUAWEI HarmonyOS is an operating system from the Chinese company Huawei (HUAWEI). It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in the HUAWEI HarmonyOS AI business component, which stems from the fact that hiaiserver does not do...
HUAWEI HarmonyOS Security Vulnerability
HUAWEI HarmonyOS is an operating system from the Chinese company Huawei (HUAWEI). It provides a full-scenario distributed operating system based on a microkernel. A denial of service vulnerability exists in the HUAWEI HarmonyOS AI business component, which stems from hiaiserver not doing strict...