CVE-2025-8747: A safe mode bypass vulnerability in the `Model.load_model` method in Keras versions 3.0.0 through 3.10.0 allows an attac
highvulnerability
security
Summary
CVE-2025-8747 is a safe mode bypass vulnerability in Keras (a machine learning library) versions 3.0.0 through 3.10.0 that allows an attacker to run arbitrary code (execute any commands they want) on a user's computer by tricking them into loading a specially designed `.keras` model file. The vulnerability has a CVSS score (severity rating) of 8.6, indicating it is a high-risk security problem.
Vulnerability Details
CVSS Score
7.8(high)
EPSS (30-day exploit probability)
EPSS: 0.0%
Classification
Attack Type
Model Theft
Attack SophisticationModerate
Impact (CIA+S)
confidentialityintegrity
Affected Vendors
Google
Related Issues
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-8747
First tracked: February 15, 2026 at 08:42 PM
Classified by LLM (prompt v3) · confidence: 92%