Sarvesh Patil

1 exploit Active since Jan 2026
CVE-2026-0897 NOMISEC HIGH WRITEUP
Keras 3.0.0-3.13.0 - Denial of Service via HDF5 Weight Loading
Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (DoS) through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive containing a valid model.weights.h5 file whose dataset declares an extremely large shape.
CVSS 7.5