Is keras safe to use?

keras has 2 known vulnerabilities on the latest version (3.14.1). DepScope rates its health at 60/100 (moderate risk).

What is the latest version of keras?

The latest version of keras is 3.14.1, released 2026-05-07.

Yes. keras has 2 known vulnerabilities. See depscope.dev/pkg/pypi/keras for details.

No, keras is actively maintained. Latest release: 3.14.1 (2026-05-07).

Popular alternatives to keras in PyPI include: boto3, packaging, certifi, urllib3, idna.

keras is licensed under Apache License 2.0.

pypiv3.14.1

Multi-backend Keras

License Apache License 2.0permissive120 versions8 deps

/ 100

Health

update required

[email protected] has vulnerabilities — update to latest

Health breakdown0 – 100

25/25

maintenance

0/20

popularity

15/25

security

15/15

maturity

10/15

community

Vulnerabilities

2 high

Advisories (2)

Severity	ID	Summary	Fixed in
high	CVE-2025-8747	A safe mode bypass vulnerability in the `Model.load_model` method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted `.keras` model archive.	—
high	CVE-2025-9906	The Keras Model.load_model method can be exploited to achieve arbitrary code execution, even with safe_mode=True. One can create a specially crafted .keras model archive that, when loaded via Model.load_model, will trigger arbitrary code to be executed. This is achieved by crafting a special config.json (a file within the .keras archive) that will invoke keras.config.enable_unsafe_deserialization() to disable safe mode. Once safe mode is disable, one can use the Lambda layer feature of keras, w	—

Quality signals

Publish security

API token

Dependencies (8)

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/pypi/keras