Vendor
A high-severity vulnerability, CVE-2026-12480, affects the `keras-team/keras` library, enabling an arbitrary HDF5 file read via a virtual dataset bypass, potentially leading to sensitive information disclosure or exfiltration from systems utilizing the library.