Arbitrary Code Execution Vulnerability in Keras by Keras Team
CVE-2026-12481
8.8HIGH
What is CVE-2026-12481?
A vulnerability in Keras version 3.14.0 arises from improper deserialization handling in the Lambda layer. The function _raise_for_lambda_deserialization() does not adequately enforce a safe mode guard when set to None, allowing attackers to exploit this logic error. By invoking deserialization functions like keras.layers.deserialize(config), keras.models.clone_model(model), or Lambda.from_config(config) outside a SafeModeScope, an attacker can potentially execute arbitrary code at the operating system level within the context of the server or user process, posing significant security risks.
Affected Version(s)
keras-team/keras <= unspecified
