YAML Metadata Warning:empty or missing yaml metadata in repo card
Check out the documentation for more information.
⚠️ WARNING — Security Research PoC
DO NOT load this model in production environments.
What is this?
Proof-of-concept Keras model for responsible security vulnerability disclosure via huntr.com.
Vulnerability Type
CVE-2026-1669 Patch Bypass / Arbitrary File Read (CWE-552)
Keras _verify_dataset() checks dataset.external (HDF5 External Storage) but NOT dataset.is_virtual (HDF5 Virtual Dataset). A crafted .keras model with VDS weight references reads arbitrary files from the victim's filesystem when loaded, even with safe_mode=True.
Important Notes
- 🔴 This model contains crafted HDF5 Virtual Dataset references.
- 🔴 Loading may cause unintended file access on your system.
- 🔴 DO NOT load in any production, staging, or shared environment.
- This repository will be removed after the vulnerability review process.
Responsible Disclosure
Part of a responsible disclosure process through huntr.com.
- Downloads last month
- 10
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support