PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-0897 Google CVE debrief

CVE-2026-0897 is a HIGH severity (CVSS 7.1) denial-of-service vulnerability in Google Keras 3.0.0 through 3.13.0 on all platforms. A crafted .keras archive containing an otherwise valid model.weights.h5 file whose dataset declares an extremely large shape drives the HDF5 weight loading component into memory exhaustion and crashes the Python interpreter. The attacker needs no privileges and the file can arrive from anywhere, but the victim has to load it: the CVSS vector scores user interaction as passive. The root cause is Allocation of Resources Without Limits or Throttling (CWE-770) in the HDF5 weight loader. The CVE was published on January 15, 2026, and last modified on June 30, 2026.

Vendor
Google
Product
Keras
CVSS
HIGH 7.1
CISA KEV
Not listed in stored evidence
Original CVE published
2026-01-15
Original CVE updated
2026-06-30
Advisory published
2026-01-15
Advisory updated
2026-06-30

Who should care

Anyone running Google Keras 3.0.0 through 3.13.0 who loads .keras model files they did not produce themselves: teams pulling models from public hubs or third-party vendors, services that accept user-uploaded models, and ML pipelines that deserialize artifacts from shared storage. Because the impact is availability only, exposure is highest where model loading happens automatically and unattended (inference servers, CI jobs, batch evaluation), since one crafted file takes the worker down. Start by inventorying Keras installations (pip show keras, or python -c "import keras; print(keras.__version__)"), plan an upgrade to a release outside the affected range as the vendor makes one available, and in the meantime treat every model file as untrusted input. Defenders should also watch for unexplained Python crashes or OOM kills during model loading.

Technical summary

The weakness is the absence of any limit or throttle on memory allocation in the HDF5 weight loading component of Google Keras. HDF5 separates a dataset's declared dataspace (shape and element type) from the bytes actually stored, so a dataset can declare billions of elements while the file on disk stays a few kilobytes. When the loader reads a model.weights.h5 from a crafted .keras archive, it sizes its allocation from that declared shape; nothing caps the allocation or validates the declared shape against what the model definition expects before memory is committed, so a single hostile dataset exhausts memory and the Python interpreter crashes. The attacker's only requirement is that the victim loads the archive. The CVSS 4.0 base vector is CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N: network-reachable input, low complexity, no privileges, passive user interaction, high availability impact on the vulnerable system and no confidentiality, integrity or subsequent-system impact. The remaining threat, environmental and supplemental metrics in the published vector are all undefined (X).
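The check a practitioner would put in front of the loader follows directly from the mechanism above: read dataset metadata only, compare declared shapes with what the model expects, enforce a hard byte budget, and only then materialize. The following is an added example written for this debrief, not Keras project code, and it does not claim to reproduce the exact code path Keras uses. It assumes the model's expected variable shapes are known independently (the dataset paths, shapes and 1 GiB budget below are constructed), and the optional h5py reader is a bridge to real files; the shape logic itself is standard library only.

```python
"""Pre-load shape check for model.weights.h5 (added example, not Keras code).

Demonstrates the CWE-770 failure mode in CVE-2026-0897: an HDF5 dataset can
declare an enormous shape while storing almost no bytes, so a loader that sizes
its allocation from the declared shape exhausts memory before anything else can
object. Safe order: read metadata only (shape, dtype, storage size), compare it
with the shapes the model expects and a hard byte budget, refuse otherwise.
Dataset paths, expected shapes and the budget are constructed for illustration.
"""
import math
import zipfile
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional, Tuple

WEIGHTS_MEMBER = "model.weights.h5"   # the member of a .keras zip this check targets
DEFAULT_BUDGET = 1 << 30              # assumption: no single tensor above 1 GiB
ITEMSIZE = {                          # bytes per element for common atomic dtypes
    "float16": 2, "float32": 4, "float64": 8, "bool": 1,
    "int8": 1, "int16": 2, "int32": 4, "int64": 8, "uint8": 1,
}


@dataclass(frozen=True)
class DatasetDecl:
    """What an HDF5 reader reports about a dataset without touching its data."""
    path: str                # HDF5 path, e.g. "/layers/dense/vars/0"
    shape: Tuple[int, ...]   # declared shape: attacker-controlled in a crafted file
    dtype: str               # element dtype name
    storage_size: int        # bytes actually stored on disk for this dataset


def declared_bytes(decl: DatasetDecl) -> int:
    """Bytes a loader would allocate if it trusted the declared shape."""
    if decl.dtype not in ITEMSIZE:
        raise ValueError(f"{decl.path}: unsupported dtype {decl.dtype!r}")
    return math.prod(decl.shape) * ITEMSIZE[decl.dtype]


def check_dataset(decl: DatasetDecl, expected: Optional[Tuple[int, ...]],
                  budget: int = DEFAULT_BUDGET) -> Optional[str]:
    """Return None if the dataset may be materialized, otherwise the reason not to.

    Every test uses metadata only, so a hostile shape is rejected before a single
    element is read. The budget is the backstop for the case where config.json
    (also inside the attacker's archive) declares a huge layer, so that even the
    "expected" shape cannot be trusted on its own.
    """
    if expected is None:
        return f"{decl.path}: not a variable of this model"
    if tuple(decl.shape) != tuple(expected):
        return f"{decl.path}: declared shape {decl.shape} != expected {expected}"
    size = declared_bytes(decl)
    if size > budget:
        return (f"{decl.path}: declares {size} bytes (stores {decl.storage_size}), "
                f"over budget {budget}")
    return None


def check_weights(decls: Iterable[DatasetDecl], expected: Dict[str, Tuple[int, ...]],
                  budget: int = DEFAULT_BUDGET) -> List[str]:
    """Check every declared dataset and flag expected variables that are absent."""
    problems, seen = [], set()
    for d in decls:
        seen.add(d.path)
        reason = check_dataset(d, expected.get(d.path), budget)
        if reason:
            problems.append(reason)
    for missing in sorted(set(expected) - seen):
        problems.append(f"{missing}: expected variable missing from weights file")
    return problems


def extract_weights(archive_path: str, dest_dir: str) -> str:
    """Pull only the weights member out of a .keras zip; returns the extracted path."""
    with zipfile.ZipFile(archive_path) as z:
        if WEIGHTS_MEMBER not in z.namelist():
            raise ValueError(f"{archive_path}: no {WEIGHTS_MEMBER} member")
        return z.extract(WEIGHTS_MEMBER, dest_dir)


def collect_declarations(h5_path: str) -> List[DatasetDecl]:
    """Read dataset metadata from a real weights file with h5py (imported lazily).

    ds.shape, ds.dtype and ds.id.get_storage_size() come from object headers;
    none of them allocates or reads element data, unlike ds[()] or ds[...].
    """
    import h5py
    out: List[DatasetDecl] = []

    def visit(name, obj):
        if isinstance(obj, h5py.Dataset):
            out.append(DatasetDecl("/" + name, tuple(obj.shape),
                                   obj.dtype.name, obj.id.get_storage_size()))

    with h5py.File(h5_path, "r") as f:
        f.visititems(visit)
    return out


# Constructed sample: variable shapes of a small two-layer dense model (paths are
# illustrative, not necessarily the exact layout Keras writes).
EXPECTED = {
    "/layers/dense/vars/0": (784, 128), "/layers/dense/vars/1": (128,),
    "/layers/dense_1/vars/0": (128, 10), "/layers/dense_1/vars/1": (10,),
}
BENIGN = [DatasetDecl(p, s, "float32", math.prod(s) * 4) for p, s in EXPECTED.items()]
# Crafted file: same paths, but the first kernel declares 10^6 x 10^6 float32
# (4 TB) while storing zero bytes; the shape check is all that prevents the OOM.
CRAFTED = [DatasetDecl("/layers/dense/vars/0", (10**6, 10**6), "float32", 0)] + BENIGN[1:]

if __name__ == "__main__":
    print("benign :", check_weights(BENIGN, EXPECTED) or "ok")
    print("crafted:", check_weights(CRAFTED, EXPECTED))
```

Against a real archive the flow is extract_weights, then collect_declarations, then check_weights with shapes taken from your own model definition (not from the config.json shipped in the archive), and only on an empty problem list do you hand the file to the framework loader. Note that a zip-level size check would not have caught this file: the HDF5 member can be tiny while its declared dataspace is terabytes, which is exactly why the budget and the shape comparison have to run on metadata before any element data is read.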

Defensive priority

Treat this as high priority wherever Keras loads models from sources you do not control, and wherever one crash takes down a shared service (a multi-tenant inference endpoint, a training or CI worker). The impact is confined to availability: the vector records no confidentiality or integrity impact and no effect on subsequent systems. Where models come only from your own build pipeline the urgency is lower, but the upgrade should still be scheduled, because the affected range covers every 3.x release up to 3.13.0 and the exposure returns the moment a third-party model enters the pipeline.

Recommended defensive actions

  • Inventory: find every environment with Keras 3.0.0 through 3.13.0 installed (pip show keras, requirements and lock files, container images, notebook kernels), remembering that Keras is often pulled in transitively by other ML packages
  • Patch: move to a release outside the affected range as the vendor makes one available, and pin it in requirements and lock files so a rebuild cannot regress
  • Treat model files as untrusted input: before loading a third-party .keras archive, inspect the declared dataset shapes in model.weights.h5 with an HDF5 reader that exposes metadata without materializing data, and reject any dataset whose shape does not match the expected variable or whose declared byte size exceeds a hard budget
  • Contain the blast radius: deserialize models in a separate process or container with an enforced memory limit (cgroup memory.max, ulimit -v) so a crafted file kills the worker rather than the service
  • Monitor: alert on OOM-killed Python workers and repeated crashes during model loading, and log the origin of every model file that is loaded
  • Track exceptions: record each system that must remain on an affected version together with its compensating controls and a review date

Evidence notes

The data in this debrief (publication on January 15, 2026; last modification on June 30, 2026; CVSS 4.0 base score 7.1, HIGH) comes from the NVD record for CVE-2026-0897, which also carries the full CVSS vector and the CPE criteria identifying Keras 3.0.0 through 3.13.0 as affected. The stored evidence does not list the CVE in CISA KEV.

Official resources

This article is AI-assisted and based on the supplied source corpus.