CVE-2026-1669

MEDIUM 6.5

Arbitrary File Read in Keras via HDF5 External Datasets

CVSS Score

6.5

EPSS Score

0.0%

EPSS Percentile

0th

Arbitrary file read in the model loading mechanism (HDF5 integration) in Keras versions 3.0.0 through 3.13.1 on all supported platforms allows a remote attacker to read local files and disclose sensitive information via a crafted .keras model file utilizing HDF5 external dataset references.

CWE	CWE-73 CWE-200
Vendor	google
Product	keras
Ecosystems	Android Cloud Chrome
Industries	Technology
Published	Feb 11, 2026
Last Updated	Jun 30, 2026

Stay Ahead of the Next One

Get instant alerts for google keras

Be the first to know when new medium vulnerabilities affecting google keras are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Google / Keras

3.0.0 < 3.13.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/google/security-research/security/advisories access.redhat.com: https://access.redhat.com/security/cve/CVE-2026-1669 bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2439205 security.access.redhat.com: https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1669.json

Credits

Giuseppe Massaro (https://github.com/N3mes1s)