- Description
- The Keras Model.load_model function permits arbitrary code execution, even with safe_mode=True, through a manually constructed, malicious .keras archive. By altering the config.json file within the archive, an attacker can specify arbitrary Python modules and functions, along with their arguments, to be loaded and executed during model loading.
- Source
- cve-coordination@google.com
- NVD status
- Analyzed
- Products
- keras
CVSS 4.0
- Type
- Secondary
- Base score
- 7.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- cve-coordination@google.com
- CWE-94
- Hype score
- Not currently trending
[1day1line] CVE-2025-1550: RCE Vulnerability in Keras Due to Insufficient Validation During Model Loading https://t.co/zfxwtVDykJ Today’s One-Line Summary covers an RCE vulnerability found in the deep learning library Keras. Due to insufficient validation of the config file
@hackyboiz
26 Jul 2025
573 Impressions
1 Retweet
8 Likes
3 Bookmarks
0 Replies
0 Quotes
Safe mode? Still exploitable. 🔓 Our latest blog unpacks how Keras’s config.json can be weaponized even with safe_mode=True, no Lambda layer needed. 👀 CVE-2025-1550 + a fresh PoC using keras.utils.get_file Read it 👉 https://t.co/I8H34dk6WZ https://t.co/pElfNv0AH4
@huntr_ai
20 Jun 2025
219 Impressions
3 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-37752 2 - CVE-2025-0995 3 - CVE-2025-1550 4 - CVE-2025-24203 5 - CVE-2025-32819 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
12 May 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Inside CVE-2025-1550: Remote Code Execution via Keras Models https://t.co/E8lqpn8Hc2 @huntr_ai
@tbbhunter
11 May 2025
1160 Impressions
2 Retweets
8 Likes
3 Bookmarks
0 Replies
0 Quotes
Threat Alert: Keras Deep Learning Framework Hit by Arbitrary Code Execution Vulnerability (CVE CVE-2025-1550 Severity: ⚠️ Critical Maturity: 💢 Emerging Learn more: https://t.co/2BYsxzMwVM #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
15 Mar 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 A critical vulnerability (CVE-2025-1550) in Keras allows arbitrary code execution via Model.load_model, even in safe mode. Update to version 3.9+ and load models from trusted sources! 🔒 #Keras #DeepLearning #USA link: https://t.co/EWW6ZZwaBI https://t.co/ORKlgZPlzO
@TweetThreatNews
14 Mar 2025
15 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-1550 🔴 HIGH (7.3) 🏢 Google - Keras 🏗️ 3.0.0 🔗 https://t.co/roTpZEoC39 #CyberCron #VulnAlert #InfoSec https://t.co/YAQdo1o40C
@cybercronai
11 Mar 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:keras:keras:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A252DA83-7788-4277-A8B0-52F597A654A9",
            "versionEndExcluding": "3.8.0",
            "versionStartIncluding": "3.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]