Critical Vulnerability in Keras: Arbitrary Code Execution via Deserialization
A critical vulnerability (CVE-2026-12481) in Keras version 3.14.0 allows for arbitrary code execution due to improper handling of deserialization in the `Lambda` layer. This vulnerability has a CVSS score of 8.8 and can be exploited to achieve OS-level code execution. Affected users must update to a patched version to mitigate this risk.