Google · Keras · CVE-2026-0897
**Name of the Vulnerable Software and Affected Versions**
Keras versions 3.0.0 through 3.13.0
**Description**
A flaw exists in the HDF5 weight loading component of Keras that allows for a denial of service. An attacker can provide a crafted .keras archive containing a valid model.weights.h5 file. This file declares an extremely large shape, leading to memory exhaustion and a crash of the Python interpreter. The issue affects all platforms.
**Recommendations**
Update Keras to a version newer than 3.13.0.