CVE-2025-49655 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-49655 PUBLISHED CVSS 9.800000190734863 CRITICAL

Keras framework vulnerable to deserialization of untrusted data

EPSS 0.03% · 9.8th percentile

Risk Scores

CVSS v3.1

9.800000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.03%

9.8th percentile

Affected Products

Vendor	Product	Versions
Keras	Keras	3.11.0
PyPI	keras	3.11.0

Timeline

Oct 17, 2025 CVE Published
Oct 17, 2025 Coalition ESS Score
Oct 18, 2025 EPSS Score
Oct 20, 2025 PoC Published
Oct 21, 2025 PoC Published
Oct 23, 2025 EPSS Score
Oct 29, 2025 EPSS Score
Nov 3, 2025 EPSS Score
Nov 9, 2025 EPSS Score
Nov 14, 2025 EPSS Score
Nov 17, 2025 Coalition ESS Score
Nov 20, 2025 EPSS Score

References

Open in Interactive Console →