CVE-2025-12735
Severity: CRITICAL · EPSS 80.3%
Published Nov 5, 2025 (7 months ago) · Modified Jun 17, 2026 (2 weeks ago)
CVSS 3.1 base score: 9.8
Description
The expr-eval library is a JavaScript expression parser and evaluator designed to safely evaluate mathematical expressions with user-defined variables. However, due to insufficient input validation, an attacker can pass a crafted context object, or a member of the context object, to the evaluate() function and trigger arbitrary code execution.
CVSS Details
Base Score: 9.8 (CVSS 3.1)
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Threat Intelligence
EPSS Exploit Probability: 80.3% (percentile)
Exploit Status: No Known Exploit
Patch Status: Patch Available
Weaknesses (1)
- CWE-94: Improper Control of Generation of Code ('Code Injection')
Affected Products (2)
| Vendor | Product | Version | Range |
|---|---|---|---|
| jorenbroekema | javascript_expression_evaluator | 3.0.0 | any |
| silentmatt | javascript_expression_evaluator | * | ≤2.0.2 |
References (9)
- github.com https://github.com/advisories/GHSA-jc85-fpwf-qm7x
- github.com https://github.com/jorenbroekema/expr-eval
- github.com https://github.com/jorenbroekema/expr-eval/blob/460b820ba01c5aca6c5d84a7d4f1fa5d1913c67b/test/security.js
- github.com https://github.com/silentmatt/expr-eval
- github.com https://github.com/silentmatt/expr-eval/pull/288
- kb.cert.org https://kb.cert.org/vuls/id/263614
- kb.cert.org https://www.kb.cert.org/vuls/id/263614
- npmjs.com https://www.npmjs.com/package/expr-eval
- npmjs.com https://www.npmjs.com/package/expr-eval-fork
Remediation
- github.com https://github.com/silentmatt/expr-eval/pull/288