CVE-2026-1669
Modified
Modified - Updated After Analysis
Arbitrary File Read in Keras Model Loading via HDF5 External References
Vulnerability report for CVE-2026-1669, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-02-11
Last updated on: 2026-06-30
Assigner: Google Inc.
Description
Description
Arbitrary file read in the model loading mechanism (HDF5 integration) in Keras versions 3.0.0 through 3.13.1 on all supported platforms allows a remote attacker to read local files and disclose sensitive information via a crafted .keras model file utilizing HDF5 external dataset references.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| keras | keras | From 3.0.0 (inc) to 3.13.1 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-73 | The product allows user input to control or influence paths or file names that are used in filesystem operations. |
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |