CVE-2026-32640
Awaiting Analysis Awaiting Analysis - Queue
Sandbox Bypass in SimpleEval Allows Dangerous Module Access

Publication date: 2026-03-16

Last updated on: 2026-04-21

Assigner: GitHub, Inc.

Description
SimpleEval is a library for adding evaluatable expressions into python projects. Prior to 1.0.5, objects (including modules) can leak dangerous modules through to direct access inside the sandbox. If the objects you've passed in as names to SimpleEval have modules or other disallowed / dangerous objects available as attrs. Additionally, dangerous functions or modules could be accessed by passing them as callbacks to other safe functions to call. The latest version 1.0.5 has this issue fixed. This vulnerability is fixed in 1.0.5.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-16
Last Modified
2026-04-21
Generated
2026-06-16
AI Q&A
2026-03-16
EPSS Evaluated
2026-06-15
NVD
CVE-2026-32640
EUVD
EUVD-2026-12142
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
danthedeckie simpleeval to 1.0.5 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-915 The product receives input from an upstream component that specifies multiple attributes, properties, or fields that are to be initialized or updated in an object, but it does not properly control which attributes can be modified.
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-32640 is a security vulnerability in the Python package SimpleEval versions prior to 1.0.5. The issue occurs because objects, including modules, passed into SimpleEval can leak access to dangerous modules inside the sandbox environment.

If the objects passed as names to SimpleEval have attributes that reference disallowed or dangerous modules (such as os or sys), an attacker can exploit these attribute chains to gain unauthorized access to those modules.

Additionally, dangerous functions or modules can be accessed by passing them as callbacks to otherwise safe functions, further increasing the risk.

This vulnerability was fixed in SimpleEval version 1.0.5 by introducing protections such as the ModuleWrapper to encapsulate potentially vulnerable items and prevent unauthorized access.

Impact Analysis

This vulnerability can allow an attacker to gain unauthorized access to dangerous modules within the SimpleEval sandbox, potentially leading to execution of harmful operations.

By exploiting attribute chains, an attacker could access modules like os or sys, which might enable them to manipulate the file system, execute system commands, or interfere with the running environment.

Such unauthorized access can compromise the security and integrity of your application, leading to data breaches, system compromise, or other malicious activities.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability involves the SimpleEval Python package leaking access to dangerous modules through objects passed into its sandbox environment. Detection involves inspecting your Python projects that use SimpleEval versions prior to 1.0.5 to see if any objects or modules with dangerous attributes (such as os, sys, or their derivatives) are passed into SimpleEval.'}, {'type': 'paragraph', 'content': 'There are no specific network detection commands provided, but you can audit your codebase for usage of SimpleEval and check the version.'}, {'type': 'paragraph', 'content': 'Suggested commands to detect vulnerable versions and usage in your environment include:'}, {'type': 'list_item', 'content': 'Check installed SimpleEval version: `pip show simpleeval`'}, {'type': 'list_item', 'content': 'Search your codebase for SimpleEval usage: `grep -r "import simpleeval" ./` or `grep -r "SimpleEval" ./`'}, {'type': 'list_item', 'content': 'Review code where objects with attributes referencing modules like os, sys, pathlib, shutil, glob, statistics, numpy, or urllib.parse are passed into SimpleEval.'}] [1]

Mitigation Strategies

The primary mitigation is to upgrade SimpleEval to version 1.0.5 or later, where this vulnerability is fixed.

If upgrading immediately is not possible, avoid passing objects or modules with direct attributes to dangerous items (such as os, sys, and their derivatives) into SimpleEval.

Alternatively, use the ModuleWrapper introduced in version 1.0.5 to encapsulate potentially vulnerable items and prevent unauthorized access.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-32640. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart