CVE-2026-1669
Arbitrary File Read in Keras via HDF5 External Datasets
Arbitrary file read in the model loading mechanism (HDF5 integration) in Keras versions 3.0.0 through 3.13.1 on all supported platforms allows a remote attacker to read local files and disclose sensitive information via a crafted .keras model file utilizing HDF5 external dataset references.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
Produtos afetados
Google · KerasQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →