If the objects passed in as names to SimpleEval have modules or other disallowed / dangerous objects available as attrs.
Additionally, dangerous functions or modules could be accessed by passing them as callbacks to other safe functions to call.
Examples (found by @ByamB4):
Any module where non-underscore attribute chains reach os or sys:
- os.path, pathlib, shutil, glob (direct .os / .sys attributes)
- statistics (has .sys)
- numpy (has .ctypeslib.os and .f2py.sys)
- urllib.parse (has .warnings.sys)
The latest version 1.0.5 has this issue fixed.
Don't pass in objects or modules which have direct attributes to potentially dangerous items.
Use a wrapper to wrap the potentially vulnerable items (See the ModuleWrapper in version 1.0.5)
| Score | Percentile |
|---|---|
| 0.05% | 16.52% |
| Base score | Version | Severity | Vector |
|---|---|---|---|
| 9.8 | 3.1 | — |
|
| 8.7 | 4.0 | — |
|
| Type | Value |
|---|---|
| GHSA | GHSA-44vg-5wv2-h2hg ↗ |
| CVE | CVE-2026-32640 ↗ |
Vulnerable version ranges and first patched releases as published by GitHub.
| Ecosystem | Package | Vulnerable range | First patched | Vulnerable functions |
|---|---|---|---|---|
| pip | simpleeval | < 1.0.5 | 1.0.5 | — |