CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-12481

criticalCVSS 9.8covered by 1 sourcefirst seen 2026-07-03
A vulnerability in keras-team/keras version 3.14.0 allows for arbitrary code execution due to improper handling of deserialization in the Lambda layer. Specifically, the _raise_for_lambda_deserialization() function fails to enforce the safe-mode guard when safe_mode is set to None, which is the default value when from_config() is called outside of a SafeModeScope context. This logic error conflates None (unset/default-deny) with False (explicitly disabled), bypassing the guard and allowing attacker-controlled marshal bytecode to be deserialized. Affected call sites include keras.layers.deserialize(config), keras.models.clone_model(model), and any direct invocation of Lambda.from_config(config) without an enclosing SafeModeScope(True). This vulnerability can be exploited to achieve arbitrary OS-level code execution in the context of the server or user process.

⚡ Watch CVE-2026-12481

Get an email if CVE-2026-12481 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2026-12481

CVE.org record

Embed the live status

CVE-2026-12481 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-12481 status](https://www.csirts.com/badge/CVE-2026-12481)](https://www.csirts.com/cve/CVE-2026-12481)