PyPi: Keras

CVE-2025-1550

Safety vulnerability ID: 76312

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Mar 11, 2025 Updated at Apr 02, 2025

Scan your Python projects for vulnerabilities →

Advisory

The Keras Model.load_model function permits arbitrary code execution, even with safe_mode=True, through a manually constructed, malicious .keras archive. By altering the config.json file within the archive, an attacker can specify arbitrary Python modules and functions, along with their arguments, to be loaded and executed during model loading.

Affected package

keras

Latest version: 3.9.2

Multi-backend Keras

Affected versions

Fixed versions

Vulnerability changelog

This vulnerability has no description

Resources

https://github.com/advisories/GHSA-48g7-3x6r-xfhp
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1550

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application