PyPI / keras

Keras is vulnerable to Deserialization of Untrusted Data

수정: 2026. 5. 29.

The Keras `Model.load_model` method **silently** ignores `safe_mode=True` and allows arbitrary code execution when a `.h5`/`.hdf5` file is loaded.

수정: 2026. 5. 20.

Keras has a Local File Disclosure via HDF5 External Storage During Keras Weight Loading

수정: 2026. 2. 22.

Arbitrary Code Execution via Crafted Keras Config for Model Loading

수정: 2026. 5. 20.

Keras has an untrusted deserialization vulnerability

수정: 2026. 5. 18.

Keras vulnerable to CVE-2025-1550 bypass via reuse of internal functionality

수정: 2026. 5. 29.

keras Path Traversal vulnerability

수정: 2026. 5. 20.

Keras framework vulnerable to deserialization of untrusted data

수정: 2025. 10. 17.

Keras Directory Traversal Vulnerability

수정: 2025. 12. 2.

Keras vulnerable to DoS via Malicious .keras Model (HDF5 Shape Bomb Causes Petabyte Allocation in KerasFileEditor)

수정: 2026. 5. 20.

Keras is vulnerable to arbitrary local file loading and Server-Side Request Forgery

수정: 2026. 3. 12.

Keras code injection vulnerability

수정: 2024. 8. 2.

수정: 2026. 5. 21.

수정: 2026. 5. 20.

수정: 2026. 5. 20.

수정: 2026. 5. 19.

수정: 2026. 5. 19.

수정: 2026. 5. 20.