VYPR

keras

by Debian

CVEs (1)

  • CVE-2026-12480Jul 2, 2026
    risk 0.00cvss epss

    Keras versions up to and including 3.13.2 are vulnerable to an arbitrary HDF5 file read due to an incomplete fix for CVE-2026-1669. The vulnerability resides in the `H5IOStore._verify_dataset()` and `file_editor.py` methods, which fail to check the `dataset.is_virtual` property…