CVE-2026-0897
Denial of Service in Keras via Excessive Memory Allocation in HDF5 Metadata
| CVSS Score | 7.6 |
| EPSS Score | 0.0% |
| EPSS Percentile | 0th |
Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (DoS) through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive containing a valid model.weights.h5 file whose dataset declares an extremely large shape.
| CWE | CWE-770 |
| Vendor | |
| Product | keras |
| Ecosystems | |
| Industries | Technology |
| Published | Jan 15, 2026 |
| Last Updated | Jun 30, 2026 |
Affected Versions
Google / Keras
3.0.0 ≤ version ≤ 3.13.0
References
github.com: https://github.com/keras-team/keras/pull/21880
access.redhat.com: https://access.redhat.com/security/cve/CVE-2026-0897
bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2430027
security.access.redhat.com: https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0897.json
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:3782
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:3713
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4271
Credits
Sarvesh Patil