CVE-2025-9906 | Keras up to 3.10.x enable_unsafe_deserialization

September 19, 2025 Yanac

A vulnerability categorized as problematic has been discovered in Keras up to 3.10.x. This impacts the function enable_unsafe_deserialization. Such manipulation leads to deserialization.

This vulnerability is traded as CVE-2025-9906. The attack may be launched remotely. There is no exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More

CVE-2025-7702 | Pusula Manageable Email Sending System prior 2025.08.06 redirect
CVE-2025-9905 | Keras up to 3.11.2 Model Archive File Model.load_model dynamically-managed code resources