CVE-2026-0897

High CVSS: 7.1

Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (DoS) through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive containing a valid model.weights.h5 file whose dataset declares an extremely large shape.

Vendor

Keras

Product

Keras

CWE

CWE-770

Yayın Tarihi

2026-01-15 14:16:26

Güncelleme

2026-01-23 18:35:49

Source Identifier

cve-coordination@google.com

KEV Date Added

Kategoriler

CWE-770 Keras HIGH Keras 2026

Referanslar

https://github.com/keras-team/keras/pull/21880

Benzer Kayıtlar

High

CVE-2026-1669

Arbitrary file read in the model loading mechanism (HDF5 integration) in Keras versions 3.0.0 through 3.13.1 on all supp…

High

CVE-2025-9905

The Keras Model.load_model method can be exploited to achieve arbitrary code execution, even with safe_mode=True. One c…

High

CVE-2025-9906

The Keras Model.load_model method can be exploited to achieve arbitrary code execution, even with safe_mode=True. One c…

High

CVE-2025-8747

A safe mode bypass vulnerability in the `Model.load_model` method in Keras versions 3.0.0 through 3.10.0 allows an attac…

High

CVE-2025-1550

The Keras Model.load_model function permits arbitrary code execution, even with safe_mode=True, through a manually const…

Medium

CVE-2024-55459

An issue in keras 3.7.0 allows attackers to write arbitrary files to the user's machine via downloading a crafted tar fi…