Arbitrary Code Execution Vulnerability in Keras by Keras Team
CVE-2026-12481

8.8HIGH

Key Information:

Vendor

Keras-team

Vendor
CVE Published:
3 July 2026

What is CVE-2026-12481?

A vulnerability in Keras version 3.14.0 arises from improper deserialization handling in the Lambda layer. The function _raise_for_lambda_deserialization() does not adequately enforce a safe mode guard when set to None, allowing attackers to exploit this logic error. By invoking deserialization functions like keras.layers.deserialize(config), keras.models.clone_model(model), or Lambda.from_config(config) outside a SafeModeScope, an attacker can potentially execute arbitrary code at the operating system level within the context of the server or user process, posing significant security risks.

Affected Version(s)

keras-team/keras <= unspecified

References

CVSS V3.0

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.