A critical security flaw has been discovered in the widely used npm package expr-eval, potentially exposing AI and natural language processing applications to remote code execution attacks.
The vulnerability, tracked as CVE-2025-12735, allows attackers to execute arbitrary system commands through maliciously crafted input.
The expr-eval library is a JavaScript tool designed to parse and evaluate mathematical expressions safely, serving as a more secure alternative to JavaScript’s native eval() function.
With over 250 dependent packages, including oplangchain, a JavaScript implementation of the popular LangChain framework, this vulnerability has significant implications for the AI and NLP ecosystem.
NPM Library Vulnerability
Carnegie Mellon University researchers discovered that attackers can define arbitrary functions within the parser’s context object, enabling the injection of malicious code that executes system-level commands.
This vulnerability achieves Total Technical Impact under the SSVC framework, meaning adversaries gain complete control over affected software behavior and can access all system information.
| CVE ID | Affected Package | Vulnerability Type | Patched Version |
|---|---|---|---|
| CVE-2025-12735 | expr-eval, expr-eval-fork | Remote Code Execution | expr-eval-fork v3.0.0 |
The flaw is particularly dangerous for generative AI systems and NLP applications. These systems often run in server environments with access to sensitive local resources and process user-supplied mathematical expressions.
Developers using expr-eval or expr-eval-fork should take immediate action by upgrading to the expr-eval-fork version 3.0.0, which includes comprehensive security patches.
The update introduces an allowlist of safe functions, mandatory registration for custom functions, and enhanced test cases to enforce security constraints.
The vulnerability was responsibly disclosed by security researcher Jangwoo Choe (UKO) and patched through GitHub Pull Request #288.
Organizations can use npm audit to automatically detect this vulnerability in their projects through the GitHub Security Advisory GHSA-jc85-fpwf-qm7x.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
