3 matches found
Security Bulletin: IBM Maximo Application Suite - Monitor Component uses keras-3.10.0-py3-none-any.whl, keras-2.14.0-py3-none-any.whl which are vulnerable to CVE-2025-12058, CVE-2025-12060, CVE-2025-9905, CVE-2025-9906.
Summary IBM Maximo Application Suite - Monitor Component uses keras-3.10.0-py3-none-any.whl, keras-2.14.0-py3-none-any.whl which are vulnerable to CVE-2025-12058, CVE-2025-12060, CVE-2025-9905, CVE-2025-9906. This bulletin contains information regarding the vulnerability and its fixture...
CVE-2025-9906
The Keras Model.loadmodel method can be exploited to achieve arbitrary code execution, even with safemode=True. One can create a specially crafted .keras model archive that, when loaded via Model.loadmodel, will trigger arbitrary code to be executed. This is achieved by crafting a special...
CVE-2025-9906
creationtimestamp| type| source ---|---|--- 2025-09-19 09:22:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lz6k3g5whz2c...