CVE-2026-12479
MediumCVSS 6.1Exploitation Probability (EPSS)
Low risk17th percentile — higher than 17% of all known CVEs
Summary
A path traversal vulnerability exists in version 3.14.0 of the Keras library, related to the `DiskIOStore.make` method. The issue arises from improper handling of user-provided layer names, allowing unauthorized file system operations.
Risk Assessment
This vulnerability could lead to unauthorized access to the file system, posing a serious threat to the integrity and confidentiality of data within the organization.
Recommendation
It is recommended to update the Keras library to the latest version to mitigate this vulnerability and implement additional validation mechanisms for layer names.
Original NVD description (English source)
A path traversal vulnerability exists in keras-team/keras version 3.14.0, specifically in the `DiskIOStore.make` method within the Keras 3 model saving and loading library. This vulnerability arises from the improper handling of user-provided layer names, which are used to construct directory paths without sanitizing for parent directory components (`..`). While forward slashes (`/`) are restricted in layer names, directory traversal sequences are not. This allows an attacker to craft a malicious Keras model that, when saved or loaded, can escape the intended temporary working directory and perform unauthorized file system operations, such as creating directories or writing files in arbitrary locations.

