THREATOPS
THREAT OPSThreat News › [NVD] CVE-2026-0897 (HIGH 7.5) — Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (DoS) through memory exhaustion and a crash of the Python interpreter via a crafte

[NVD] CVE-2026-0897 (HIGH 7.5) — Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (DoS) through memory exhaustion and a crash of the Python interpreter via a crafte

lownvdPublished 2026-01-15

CVE-2026-0897 CVSS: 7.5 HIGH Published: 2026-01-15T14:16:26.890

Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (DoS) through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive containing a valid model.weights.h5 fi

Indicators of compromise

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-0897