GHSA-mgx6-5cf9-rr43 — Vulnetix

GHSA-mgx6-5cf9-rr43 PUBLISHED

Exploit Intelligence

Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (DoS) through memory exhaustion and a crash of the Python interpreter via a crafted .keras (github-poc-repo)
Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (DoS) through memory exhaustion and a crash of the Python interpreter via a crafted .keras (github-poc-repo)
Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (DoS) through memory exhaustion and a crash of the Python interpreter via a crafted .keras (github-poc)
Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (DoS) through memory exhaustion and a crash of the Python interpreter via a crafted .keras (github-poc)
CVE-2026-0897.json (github-poc)
CVE-2026-0897.json (github-poc)
CVE-2026-0897.json (github-poc)
package.py (github-poc)
package.py (github-poc)

Timeline

CVE Published
May 7, 2026 Security Advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›