Summary: A security vulnerability (CVE-2025-1550) has been identified in Keras, allowing for arbitrary code execution via the Model.load_model function, even with safe_mode=True enabled. Users of Keras are strongly encouraged to update to version 3.9 or later to mitigate the risk associated with this vulnerability. Additionally, it is recommended to load models only from trusted sources and to create model archives personally using Keras.
Affected: Keras, multi-backend deep learning framework
Keypoints :
- Vulnerability CVE-2025-1550 has a CVSS score of 7.3.
- Exploitation is possible through a manipulated .keras archive, specifically targeting the config.json file.
- A patch is available in Keras version 3.9 and later; users are urged to upgrade.
- Developers are advised to load models exclusively from trusted sources.