keras (pypi) security advisories

CRITICAL 9.8

PyPI

CVE-2025-1550

Mar 11, 2025

HIGH 7.5

PyPI

CVE-2026-0897

Jan 15, 2026

HIGH 7.3

PyPI

CVE-2025-9906

Sep 19, 2025

HIGH 7.8

PyPI

CVE-2025-8747

Aug 11, 2025

MEDIUM 6.5

PyPI

CVE-2024-55459

Jan 8, 2025

UNKNOWN

PyPI

CVE-2026-0897

Keras vulnerable to DoS via Malicious .keras Model (HDF5 Shape Bomb Causes Petabyte Allocation in KerasFileEditor)

May 6, 2026

UNKNOWN

PyPI

CVE-2025-1550

Arbitrary Code Execution via Crafted Keras Config for Model Loading

Mar 11, 2025

UNKNOWN

PyPI

CVE-2024-55459

keras Path Traversal vulnerability

Jan 8, 2025

UNKNOWN

PyPI

CVE-2025-9905

The Keras `Model.load_model` method silently ignores `safe_mode=True` and allows arbitrary code execution when a `.h5`/`.hdf5` file is loaded.

Sep 19, 2025

HIGH 7.3

PyPI

CVE-2025-9906

Keras is vulnerable to Deserialization of Untrusted Data

Sep 19, 2025

HIGH 8.8

PyPI

CVE-2025-8747

Keras vulnerable to CVE-2025-1550 bypass via reuse of internal functionality

Aug 12, 2025

HIGH 7.3

PyPI

CVE-2025-9905

Sep 19, 2025

HIGH 8.8

PyPI

CVE-2026-1462

Keras has an untrusted deserialization vulnerability

Apr 13, 2026

UNKNOWN

PyPI

CVE-2026-0897

Duplicate Advisory: Google Keras Allocates Resources Without Limits or Throttling in the HDF5 weight loading component

Jan 15, 2026

UNKNOWN

PyPI

CVE-2025-12058

Keras is vulnerable to arbitrary local file loading and Server-Side Request Forgery

Oct 29, 2025

HIGH 7.1

PyPI

CVE-2026-1669

Keras has a Local File Disclosure via HDF5 External Storage During Keras Weight Loading

Feb 18, 2026

UNKNOWN

PyPI

CVE-2026-1669

Duplicate Advisory: Keras vulnerable to arbitrary file read in the model loading mechanism (HDF5 integration)

Feb 12, 2026

UNKNOWN

PyPI

GHSA-28jp-44vh-q42h

Duplicate Advisory: Keras keras.utils.get_file API is vulnerable to a path traversal attack

Oct 30, 2025

CRITICAL 9.8

PyPI

CVE-2025-12060

Keras Directory Traversal Vulnerability

Dec 2, 2025

HIGH 8.0

PyPI

GHSA-9g7v-8wxv-mwxp

Duplicate Advisory: Keras keras.utils.get_file API is vulnerable to a path traversal attack

Nov 28, 2025

CRITICAL 9.8

PyPI

CVE-2025-49655

Keras framework vulnerable to deserialization of untrusted data

Oct 17, 2025

UNKNOWN

PyPI

GHSA-77wq-646f-jrm2

Duplicate Advisory: The Keras `Model.load_model` method silently ignores `safe_mode=True` and allows arbitrary code execution when a `.h5`/`.hdf5` file is loaded.

Sep 19, 2025

UNKNOWN

PyPI

GHSA-pwq7-2gvj-vg9v

Duplicate Advisory: Keras safe mode bypass vulnerability

Aug 11, 2025

UNKNOWN

PyPI

GHSA-5478-v2w6-c6q7

Duplicate Advisory: Keras arbitrary code execution vulnerability

Mar 11, 2025

CRITICAL 9.8

PyPI

CVE-2024-3660

Keras code injection vulnerability

Apr 16, 2024

keras

Vulnerabilities

CVE-2025-1550

CVE-2026-0897

CVE-2025-9906

CVE-2025-8747

CVE-2024-55459

Keras vulnerable to DoS via Malicious .keras Model (HDF5 Shape Bomb Causes Petabyte Allocation in KerasFileEditor)

Arbitrary Code Execution via Crafted Keras Config for Model Loading

keras Path Traversal vulnerability

The Keras `Model.load_model` method silently ignores `safe_mode=True` and allows arbitrary code execution when a `.h5`/`.hdf5` file is loaded.

Keras is vulnerable to Deserialization of Untrusted Data

Keras vulnerable to CVE-2025-1550 bypass via reuse of internal functionality

CVE-2025-9905

Keras has an untrusted deserialization vulnerability

Duplicate Advisory: Google Keras Allocates Resources Without Limits or Throttling in the HDF5 weight loading component

Keras is vulnerable to arbitrary local file loading and Server-Side Request Forgery

Keras has a Local File Disclosure via HDF5 External Storage During Keras Weight Loading

Duplicate Advisory: Keras vulnerable to arbitrary file read in the model loading mechanism (HDF5 integration)

Duplicate Advisory: Keras keras.utils.get_file API is vulnerable to a path traversal attack

Keras Directory Traversal Vulnerability

Duplicate Advisory: Keras keras.utils.get_file API is vulnerable to a path traversal attack

Keras framework vulnerable to deserialization of untrusted data

Duplicate Advisory: The Keras `Model.load_model` method silently ignores `safe_mode=True` and allows arbitrary code execution when a `.h5`/`.hdf5` file is loaded.

Duplicate Advisory: Keras safe mode bypass vulnerability

Duplicate Advisory: Keras arbitrary code execution vulnerability

Keras code injection vulnerability

Start Securing

keras

Vulnerabilities

CVE-2025-1550

CVE-2026-0897

CVE-2025-9906

CVE-2025-8747

CVE-2024-55459

Keras vulnerable to DoS via Malicious .keras Model (HDF5 Shape Bomb Causes Petabyte Allocation in KerasFileEditor)

Arbitrary Code Execution via Crafted Keras Config for Model Loading

keras Path Traversal vulnerability

The Keras `Model.load_model` method **silently** ignores `safe_mode=True` and allows arbitrary code execution when a `.h5`/`.hdf5` file is loaded.

Keras is vulnerable to Deserialization of Untrusted Data

Keras vulnerable to CVE-2025-1550 bypass via reuse of internal functionality

CVE-2025-9905

Keras has an untrusted deserialization vulnerability

Duplicate Advisory: Google Keras Allocates Resources Without Limits or Throttling in the HDF5 weight loading component

Keras is vulnerable to arbitrary local file loading and Server-Side Request Forgery

Keras has a Local File Disclosure via HDF5 External Storage During Keras Weight Loading

Duplicate Advisory: Keras vulnerable to arbitrary file read in the model loading mechanism (HDF5 integration)

Duplicate Advisory: Keras keras.utils.get_file API is vulnerable to a path traversal attack

Keras Directory Traversal Vulnerability

Duplicate Advisory: Keras keras.utils.get_file API is vulnerable to a path traversal attack

Keras framework vulnerable to deserialization of untrusted data

Duplicate Advisory: The Keras `Model.load_model` method **silently** ignores `safe_mode=True` and allows arbitrary code execution when a `.h5`/`.hdf5` file is loaded.

Duplicate Advisory: Keras safe mode bypass vulnerability

Duplicate Advisory: Keras arbitrary code execution vulnerability

Keras code injection vulnerability

Start Securing

The Keras `Model.load_model` method silently ignores `safe_mode=True` and allows arbitrary code execution when a `.h5`/`.hdf5` file is loaded.

Duplicate Advisory: The Keras `Model.load_model` method silently ignores `safe_mode=True` and allows arbitrary code execution when a `.h5`/`.hdf5` file is loaded.