DEV Community

CVE Reports

Posted on • Originally published at cvereports.com

CVE-2026-32640: Sandbox Escape via Dangerous Object Leakage in SimpleEval

Vulnerability ID: CVE-2026-32640
CVSS Score: 8.7
Published: 2026-03-13

SimpleEval versions prior to 1.0.5 contain a critical sandbox escape vulnerability. The expression evaluator fails to validate objects retrieved via attribute access or returned as expression results, allowing attackers to traverse from safe objects to dangerous Python modules and achieve arbitrary code execution.

TL;DR

A sandbox escape in SimpleEval (< 1.0.5) allows attackers to achieve unauthenticated remote code execution. Attackers can bypass the function blocklist by chaining attribute accesses on permitted objects to reach forbidden modules like 'os' or 'sys'.


⚠️ Exploit Status: POC

Technical Details

  • CWE ID: CWE-915, CWE-94
  • Attack Vector: Network
  • CVSS 4.0 Score: 8.7
  • Impact: Remote Code Execution / Sandbox Escape
  • Exploit Status: Proof of Concept Available
  • CISA KEV: Not Listed

Affected Systems

  • simpleeval
  • simpleeval: < 1.0.5 (Fixed in: 1.0.5)

Code Analysis

Commit: a4659fa

Security Enhancements and Expansion of DISALLOW_FUNCTIONS

Commit: 1654cbf

Implementation of Attribute Validation and _check_disallowed_items

Exploit Details

  • Project Test Suite: Proof of concept demonstrating sandbox escapes via attribute traversal, container leakage, and nested class attributes.

Mitigation Strategies

  • Upgrade the simpleeval package to version 1.0.5 immediately.
  • Implement the ModuleWrapper class with strict allowed_attrs policies for any modules passed into the execution context.
  • Audit and restrict the objects provided to the 'names' and 'functions' dictionaries to primitive data types.
  • Enforce network egress filtering on the host application to limit the impact of successful arbitrary code execution.
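The wrapper and names-audit mitigations above, as an added example that is not simpleeval's own ModuleWrapper (whose API this page does not show); AttributeAllowlistWrapper, validate_sandbox_names and example_context are assumed names. It withholds any attribute that resolves to a module or class even when that name is allowlisted, and walks nested containers, which are the traversal and container-leakage paths the exploit summary names.

```python
import json
import types
# Constructed example, not simpleeval's own ModuleWrapper: an attribute allowlist
# wrapper plus a recursive audit of the names context handed to the sandbox.
PRIMITIVE_TYPES = (int, float, complex, bool, str, bytes, type(None))

class AttributeAllowlistWrapper:
    # __getattribute__ (not __getattr__) is overridden so dunder names such as
    # __class__ are refused as well; __slots__ leaves no __dict__ to leak.
    __slots__ = ("_target", "_allowed")

    def __init__(self, target, allowed_attrs):
        if any(a.startswith("_") for a in allowed_attrs):
            raise ValueError("private or dunder attributes cannot be allowlisted")
        object.__setattr__(self, "_target", target)
        object.__setattr__(self, "_allowed", frozenset(allowed_attrs))

    def __getattribute__(self, name):
        if name not in object.__getattribute__(self, "_allowed"):
            raise AttributeError(f"{name!r} is not exposed to the sandbox")
        value = getattr(object.__getattribute__(self, "_target"), name)
        # Even an allowlisted name must not hand out a module or a class; both
        # are starting points for the attribute traversal the advisory describes.
        if isinstance(value, (types.ModuleType, type)):
            raise AttributeError(f"{name!r} resolves to a module or class")
        return value

def validate_sandbox_names(names, _path="names"):
    # Report values that are neither primitives nor wrapped objects, walking
    # lists, tuples and dicts so an object hidden in a container is found too.
    problems = []
    for key, value in names.items():
        path = f"{_path}[{key!r}]"
        if isinstance(value, PRIMITIVE_TYPES + (AttributeAllowlistWrapper,)):
            continue
        if isinstance(value, dict):
            problems.extend(validate_sandbox_names(value, path))
        elif isinstance(value, (list, tuple)):
            problems.extend(validate_sandbox_names(dict(enumerate(value)), path))
        else:
            problems.append(f"{path}: {type(value).__name__} is not allowed")
    return problems
# json.decoder is a submodule and JSONDecodeError a class: listing them does not
# expose them, because the wrapper withholds modules and classes by type.
SAFE_JSON = AttributeAllowlistWrapper(json, ["dumps", "decoder", "JSONDecodeError"])

def example_context():
    # Constructed names context: primitives, the wrapped module, then a raw
    # module and a class buried inside nested containers, which the audit flags.
    return {"x": 3, "j": SAFE_JSON, "rows": [1, 2, {"k": "v"}],
            "bad": json, "worse": [1, (2, str)]}
```

hasattr() returns False for every refused name because the wrapper raises AttributeError, so a simple hasattr probe is enough to confirm the policy from a unit test.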

Remediation Steps:

  1. Identify all projects utilizing the simpleeval library within your environment.
  2. Update the dependency specification (e.g., requirements.txt, pyproject.toml) to enforce simpleeval>=1.0.5.
  3. Run unit tests to ensure compatibility with the new recursive validation logic and the expanded DISALLOW_FUNCTIONS list.
  4. Refactor code that passes raw modules into the SimpleEval names context to use the new ModuleWrapper class.
  5. Deploy the updated application to production environments.

Read the full report for CVE-2026-32640 on our website for more details including interactive diagrams and full exploit analysis.
