CVE-2025-49655

Severity CVSS v4.0:
Pending analysis
Type:
CWE-502 Deserialization of Untrusted Dat
Publication date:
17/10/2025
Last modified:
17/10/2025

Description

Deserialization of untrusted data can occur in versions of the Keras framework running versions 3.11.0 up to but not including 3.11.3, enabling a maliciously uploaded Keras file containing a TorchModuleWrapper class to run arbitrary code on an end user’s system when loaded despite safe mode being enabled. The vulnerability can be triggered through both local and remote files.