CVE-2025-49655 | Keras up to 3.11.2 TorchModuleWrapper deserialization

October 17, 2025 Yanac

A vulnerability, which was classified as critical, was found in Keras up to 3.11.2. Affected is the function TorchModuleWrapper. The manipulation results in deserialization.

This vulnerability is reported as CVE-2025-49655. The attack can be launched remotely. No exploit exists.

You should upgrade the affected component.VulDB Recent EntriesRead More