DEBIAN-CVE-2025-49655

DEBIAN-CVE-2025-49655 PUBLISHED CVSS 9.800000190734863 CRITICAL

Deserialization of untrusted data can occur in versions of the Keras framework running versions 3.11.0 up to but not including 3.11.3, enabling a maliciously uploaded Keras file containing a TorchModuleWrapper class to run arbitrary code on an end user’s system when loaded despite safe mode being enabled. The vulnerability can be triggered through both local and remote files.

Risk Scores

CVSS 3.1

9.800000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Debian:11	keras	0, 2.3.1+dfsg2-1, 0

Exploit Intelligence

package.py (github-poc)

Timeline

Oct 17, 2025 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2025-49655 advisory

Open in Interactive Console →