pkg:PyPI/keras

20 total CVEs: CRITICAL 5, HIGH 12, MEDIUM 2

All known vulnerabilities

  • CRITICAL 9.8 CVE-2025-12060: Keras Directory Traversal Vulnerability
    from 0, < 3.12.0
  • CRITICAL 9.8 CVE-2025-49655: Keras framework vulnerable to deserialization of untrusted data
    >= 3.11.0, < 3.11.3
  • CRITICAL 9.8 CVE-2025-1550: Arbitrary Code Execution via Crafted Keras Config for Model Loading
    >= 3.0.0, < 3.8.0
  • CRITICAL 9.8 CVE-2025-1550: Arbitrary Code Execution via Crafted Keras Config for Model Loading
    >= 3.0.0, < 3.9.0
  • CRITICAL 9.8 CVE-2024-3660: Keras code injection vulnerability
    from 0, < 2.13.1rc0
  • HIGH 8.8 CVE-2026-1462: Keras has an untrusted deserialization vulnerability
    from 0, < 3.13.2
  • HIGH 8.8 CVE-2025-8747: Keras vulnerable to CVE-2025-1550 bypass via reuse of internal functionality
    >= 3.0.0, < 3.11.0
  • HIGH 8.8 CVE-2025-8747: Keras vulnerable to CVE-2025-1550 bypass via reuse of internal functionality
  • HIGH 7.5 CVE-2026-0897: Keras vulnerable to DoS via Malicious .keras Model (HDF5 Shape Bomb Causes Petabyte Allocation in KerasFileEditor)
    >= 3.0.0, < 3.13.1
  • HIGH 7.5 CVE-2026-0897: Keras vulnerable to DoS via Malicious .keras Model (HDF5 Shape Bomb Causes Petabyte Allocation in KerasFileEditor)
    >= 3.0.0, < 3.12.1
  • HIGH 7.5 CVE-2026-0897: Keras vulnerable to DoS via Malicious .keras Model (HDF5 Shape Bomb Causes Petabyte Allocation in KerasFileEditor)
    >= 3.0.0, < 3.12.1
  • HIGH 7.3 CVE-2025-9905: The Keras `Model.load_model` method **silently** ignores `safe_mode=True` and allows arbitrary code execution when a `.h5`/`.hdf5` file is loaded.
    >= 3.0.0, < 3.11.3
  • HIGH 7.3 CVE-2025-9905: The Keras `Model.load_model` method **silently** ignores `safe_mode=True` and allows arbitrary code execution when a `.h5`/`.hdf5` file is loaded.
    >= 3.0.0, < 3.11.3
  • HIGH 7.3 CVE-2025-9906: Keras is vulnerable to Deserialization of Untrusted Data
  • HIGH 7.3 CVE-2025-9906: Keras is vulnerable to Deserialization of Untrusted Data
    from 0, < 3.11.0
  • HIGH 7.1 CVE-2026-1669: Duplicate Advisory: Keras vulnerable to arbitrary file read in the model loading mechanism (HDF5 integration)
    >= 3.13.0, < 3.13.2
  • HIGH 7.1 CVE-2026-1669: Duplicate Advisory: Keras vulnerable to arbitrary file read in the model loading mechanism (HDF5 integration)
    >= 3.0.0, <= 3.13.1
  • MEDIUM 6.5 CVE-2024-55459: keras Path Traversal vulnerability
    from 0, <= 3.7.0
  • MEDIUM 6.5 CVE-2024-55459: keras Path Traversal vulnerability
    from 0, <= 3.7.0
  • CVE-2025-12058: Keras is vulnerable to arbitrary local file loading and Server-Side Request Forgery
    from 0, < 3.12.0