Tag
high
advisory
HDF5 Heap Use-After-Free Vulnerability in h5dump (CVE-2026-34734)
2 rules 1 TTP 1 CVEA heap-use-after-free vulnerability (CVE-2026-34734) in HDF5 version 1.14.1-2 and earlier within the h5dump helper utility can be triggered by a malicious h5 file, leading to arbitrary code execution.
hdf5
heap-use-after-free
cve-2026-34734
h5dump
2r
1t
1c
medium
advisory
Keras Model Loader Vulnerable to Denial-of-Service via Malicious HDF5 Shape Bombs
2 rules 1 TTP 1 CVE 1 IOCKeras model loader is vulnerable to denial-of-service by loading specially crafted .keras files containing HDF5-based weight files with maliciously oversized dataset metadata, leading to immediate memory exhaustion during model loading.
Keras +2
denial-of-service
hdf5
model-loading
shape-bomb
2r
1t
1c
1i