VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-rg36-jn72-cyab

Essentials
Severities (19)
References (10)
Severity details (16)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-rg36-jn72-cyab
Aliases	CVE-2026-1462 GHSA-4f3f-g24h-fr8m
Summary	A vulnerability in the `TFSMLayer` class of the `keras` package, version 3.13.0, allows attacker-controlled TensorFlow SavedModels to be loaded during deserialization of `.keras` models, even when `safe_mode=True`. This bypasses the security guarantees of `safe_mode` and enables arbitrary attacker-controlled code execution during model inference under the victim's privileges. The issue arises due to the unconditional loading of external SavedModels, serialization of attacker-controlled file paths, and the lack of validation in the `from_config()` method.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-502	Deserialization of Untrusted Data
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
cvssv3	7.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1462.json
epss	0.0007	https://api.first.org/data/v1/epss?cve=CVE-2026-1462
epss	0.0007	https://api.first.org/data/v1/epss?cve=CVE-2026-1462
epss	0.0007	https://api.first.org/data/v1/epss?cve=CVE-2026-1462
cvssv3.1_qr	HIGH	https://github.com/advisories/GHSA-4f3f-g24h-fr8m
cvssv3.1	8.8	https://github.com/keras-team/keras
generic_textual	HIGH	https://github.com/keras-team/keras
cvssv3	8.8	https://github.com/keras-team/keras/commit/b6773d3decaef1b05d8e794458e148cb362f163f
cvssv3.1	8.8	https://github.com/keras-team/keras/commit/b6773d3decaef1b05d8e794458e148cb362f163f
generic_textual	HIGH	https://github.com/keras-team/keras/commit/b6773d3decaef1b05d8e794458e148cb362f163f
ssvc	Track*	https://github.com/keras-team/keras/commit/b6773d3decaef1b05d8e794458e148cb362f163f
cvssv3.1	8.8	https://github.com/keras-team/keras/pull/22035
generic_textual	HIGH	https://github.com/keras-team/keras/pull/22035
cvssv3	8.8	https://huntr.com/bounties/7e78d6f1-6977-4300-b595-e81bdbda331c
cvssv3.1	8.8	https://huntr.com/bounties/7e78d6f1-6977-4300-b595-e81bdbda331c
generic_textual	HIGH	https://huntr.com/bounties/7e78d6f1-6977-4300-b595-e81bdbda331c
ssvc	Track*	https://huntr.com/bounties/7e78d6f1-6977-4300-b595-e81bdbda331c
cvssv3.1	8.8	https://nvd.nist.gov/vuln/detail/CVE-2026-1462
generic_textual	HIGH	https://nvd.nist.gov/vuln/detail/CVE-2026-1462

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1462.json
		https://api.first.org/data/v1/epss?cve=CVE-2026-1462
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1462
		https://github.com/keras-team/keras/pull/22035
		https://nvd.nist.gov/vuln/detail/CVE-2026-1462
2457856		https://bugzilla.redhat.com/show_bug.cgi?id=2457856
7e78d6f1-6977-4300-b595-e81bdbda331c		https://huntr.com/bounties/7e78d6f1-6977-4300-b595-e81bdbda331c
b6773d3decaef1b05d8e794458e148cb362f163f		https://github.com/keras-team/keras/commit/b6773d3decaef1b05d8e794458e148cb362f163f
GHSA-4f3f-g24h-fr8m		https://github.com/advisories/GHSA-4f3f-g24h-fr8m
RHSA-2026:24977		https://access.redhat.com/errata/RHSA-2026:24977

No exploits are available.

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1462.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/keras-team/keras

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/keras-team/keras/commit/b6773d3decaef1b05d8e794458e148cb362f163f

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/keras-team/keras/commit/b6773d3decaef1b05d8e794458e148cb362f163f

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-13T18:53:01Z/ Found at https://github.com/keras-team/keras/commit/b6773d3decaef1b05d8e794458e148cb362f163f

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/keras-team/keras/pull/22035

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://huntr.com/bounties/7e78d6f1-6977-4300-b595-e81bdbda331c

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://huntr.com/bounties/7e78d6f1-6977-4300-b595-e81bdbda331c

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-13T18:53:01Z/ Found at https://huntr.com/bounties/7e78d6f1-6977-4300-b595-e81bdbda331c

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2026-1462

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.21652
EPSS Score	0.0007
Published At	June 11, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-11T16:50:16.628577+00:00	Vulnrichment	Import	https://github.com/cisagov/vulnrichment/blob/develop/2026/1xxx/CVE-2026-1462.json	38.6.0