Threats Tagged 'cve-2026-12481'
View all threats tagged with 'cve-2026-12481'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-12481'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-12481: CWE-502 Deserialization of Untrusted Data in keras-team keras-team/kerasCVE-2026-12481 0 CVE-2026-12481 is a high-severity vulnerability in keras-team/keras version 3.14.0 involving unsafe deserialization in the Lambda layer. The issue arises because the function _raise_for_lambda_deserialization() does not enforce the safe-mode guard when safe_mode is None, the default outside a SafeModeScope context. This allows attacker-controlled marshal bytecode to be deserialized, potentially leading to arbitrary OS-level code execution. The vulnerability affects deserialization calls such as keras.layers.deserialize(config), keras.models.clone_model(model), and Lambda.from_config(config) without SafeModeScope(True). Join the discussion | CVE Database V5 | 07/03/2026, 20:36:05 UTC Added: 07/03/2026, 20:52:11 UTC |
Showing 1 to 1 of 1 result