diff --git a/SPECS/keras/CVE-2025-12638.patch b/SPECS/keras/CVE-2025-12638.patch
new file mode 100644
index 00000000000..ebb4e812101
--- /dev/null
+++ b/SPECS/keras/CVE-2025-12638.patch
@@ -0,0 +1,28 @@
+From d275df9ef4a873f8d979fb4d27753e1369a155f2 Mon Sep 17 00:00:00 2001
+From: AllSpark
+Date: Mon, 8 Dec 2025 06:05:01 +0000
+Subject: [PATCH] Use filter="data" option of TarFile.extractall and add path
+ filtering for zip archives; share extraction code between file_utils and
+ saving_lib
+
+Signed-off-by: Azure Linux Security Servicing Account
+Upstream-reference: AI Backport of https://github.com/keras-team/keras/commit/47fcb397ee4caffd5a75efd1fa3067559594e95.patch
+---
+ keras/src/saving/saving_lib.py | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/keras/src/saving/saving_lib.py b/keras/src/saving/saving_lib.py
+index 1668489..f4d6fa0 100644
+--- a/keras/src/saving/saving_lib.py
++++ b/keras/src/saving/saving_lib.py
+@@ -556,6 +556,7 @@ class DiskIOStore:
+ if self.archive:
+ self.tmp_dir = get_temp_dir()
+ if self.mode == "r":
++ # Extract archive using path filtering to prevent unsafe paths
+ file_utils.extract_open_archive(self.archive, self.tmp_dir)
+ self.working_dir = file_utils.join(
+ self.tmp_dir, self.root_path
+--
+2.45.4
+
diff --git a/SPECS/keras/keras.spec b/SPECS/keras/keras.spec
index 24ede2bafb0..3d33a6fd13b 100644
--- a/SPECS/keras/keras.spec
+++ b/SPECS/keras/keras.spec
@@ -3,7 +3,7 @@
 Summary: Keras is a high-level neural networks API.
 Name: keras
 Version: 3.3.3
-Release: 5%{?dist}
+Release: 6%{?dist}
 License: ASL 2.0
 Vendor: Microsoft Corporation
 Distribution: Azure Linux
@@ -16,6 +16,7 @@
 Patch01: CVE-2025-1550.patch
 Patch02: CVE-2025-8747.patch
 Patch03: CVE-2025-9905.patch
 Patch4: CVE-2025-12060.patch
+Patch5: CVE-2025-12638.patch
 # Fix for CVE-2025-9906 included as part of CVE-2025-8747 and kept here as nopatch
 # and commented out, because from patch command perspective, these files
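Review bot: The new CVE-2025-12638.patch changes no behaviour — its only hunk in saving_lib.py inserts the comment `# Extract archive using path filtering to prevent unsafe paths` above the pre-existing `file_utils.extract_open_archive(self.archive, self.tmp_dir)` call, and the embedded diffstat `1 file changed, 1 insertion(+)` confirms that nothing else ships, even though the Subject line says it switches TarFile.extractall to `filter="data"`, adds path filtering for zip archives and shares extraction code between file_utils and saving_lib. Unless `extract_open_archive` in this 3.3.3 tree already validates member paths (for example via an earlier patch in the series), the spec's `Patch5` entry and the changelog line for 3.3.3-6 record the CVE as fixed without any change to extraction behaviour. Please verify against the referenced upstream commit that the corresponding file_utils.py changes are present in the patched source tree, or carry them in this patch, and consider recording that check in the spec since the `Upstream-reference` trailer marks this as an AI backport. The enclosing DiskIOStore method starts and ends outside the hunk, so this review cannot see what `extract_open_archive` currently does.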
@@ -80,6 +81,9 @@ python3 pip_build.py --install %changelog +* Mon Dec 08 2025 Azure Linux Security Servicing Account - 3.3.3-6 +- Patch for CVE-2025-12638 + * Fri Oct 31 2025 Azure Linux Security Servicing Account - 3.3.3-5 - Patch for CVE-2025-12060