CVE-2026-1669
Arbitrary File Read in Keras via HDF5 External Datasets
Arbitrary file read in the model loading mechanism (HDF5 integration) in Keras versions 3.0.0 through 3.13.1 on all supported platforms allows a remote attacker to read local files and disclose sensitive information via a crafted .keras model file utilizing HDF5 external dataset references.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
Productos afectados
Google · Keras¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →