CVE-2026-0897

Source
https://cve.org/CVERecord?id=CVE-2026-0897
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-0897.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-0897
Aliases
Downstream
Related
Published
2026-01-15T14:09:53.603Z
Modified
2026-07-16T03:31:04.286545093Z
Severity
  • 7.1 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVSS Calculator
Summary
Denial of Service in Keras via Excessive Memory Allocation in HDF5 Metadata
Details

Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (DoS) through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive containing a valid model.weights.h5 file whose dataset declares an extremely large shape.

Database specific
{
    "cwe_ids": [
        "CWE-770"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/0xxx/CVE-2026-0897.json",
    "cna_assigner": "Google"
}
References

Affected packages

Git / github.com/keras-team/keras

Affected ranges

Type
GIT
Repo
https://github.com/keras-team/keras
Events
Database specific
{
    "cpe": "cpe:2.3:a:keras:keras:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "3.0.0"
        },
        {
            "last_affected": "3.13.0"
        }
    ],
    "source": [
        "AFFECTED_FIELD",
        "CPE_RANGE"
    ]
}

Affected versions

v3.*
v3.0.0
v3.0.1
v3.0.2
v3.0.3
v3.0.4
v3.0.5
v3.1.0
v3.1.1
v3.10.0
v3.11.0
v3.12.0
v3.13.0
v3.2.0
v3.2.1
v3.3.0
v3.3.1
v3.3.2
v3.3.3
v3.4.0
v3.4.1
v3.5.0
v3.6.0
v3.7.0
v3.8.0
v3.9.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-0897.json"