Duplicate Advisory: Keras safe mode bypass vulnerability

GHSA-pwq7-2gvj-vg9v

Published Aug 11, 2025 · Modified Aug 12, 2025

Description

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-c9rc-mg46-23w3. This link is maintained to preserve external references.

Original Description

A safe mode bypass vulnerability in the Model.load_model method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted .keras model archive.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2025-8747
WEB https://github.com/keras-team/keras/pull/21429
WEB https://github.com/keras-team/keras/commit/713172ab56b864e59e2aa79b1a51b0e728bba858
PACKAGE https://github.com/keras-team/keras
WEB https://jfrog.com/blog/keras-safe_mode-bypass-vulnerability

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes