External Control of File Name or Path in Keras - CVE-2026-1669
Published: April 7, 2026
Vulnerability identifier: #VU125038
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-1669
CWE-ID: CWE-73
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Keras
Affected software:
Keras
Keras
Detailed vulnerability description
The vulnerability allows a remote attacker to disclose sensitive information.
The vulnerability exists due to external control of file name or path in the Keras HDF5 weight loading functionality when processing an attacker-supplied HDF5 weights file or .keras archive. A remote attacker can supply a specially crafted weights file with HDF5 external storage or external links to disclose sensitive information.
User interaction is required to load the malicious weights file or model archive, and the target file must be readable by the process.
How to mitigate CVE-2026-1669
Install security update from vendor's website.