CVE-2025-49655

{"id": "CVE-2025-49655", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2025-10-17T16:15:37.420", "references": [{"url": "https://github.com/keras-team/keras/pull/21575", "source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c"}, {"url": "https://hiddenlayer.com/sai_security_advisor/2025-10-keras/", "source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c", "description": [{"lang": "en", "value": "CWE-502"}]}], "descriptions": [{"lang": "en", "value": "Deserialization of untrusted data can occur in versions of the Keras framework running versions 3.11.0 up to but not including 3.11.3, enabling a maliciously uploaded Keras file containing a\u00a0TorchModuleWrapper class to run arbitrary code on an end user\u2019s system when loaded despite safe mode being enabled. The vulnerability can be triggered through both local and remote files."}], "lastModified": "2025-10-21T19:31:50.020", "sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c"}