What is the severity of CVE-2025-12735?

CVE-2025-12735 has a severity rating of CRITICAL with a CVSS base score of 9.8.

CVE-2025-12735 | Critical Vulnerability in Jorenbroekema & Silentmatt JavaScript Expression Evaluator

Q: What is CVE-2025-12735?

A critical vulnerability in the expr-eval library allows attackers to execute arbitrary code due to insufficient input validation. Immediate remediation is required to mitigate risks associated with this flaw.

The expr-eval library, developed by Jorenbroekema and Silentmatt, is a widely used JavaScript expression parser and evaluator. This library is designed to evaluate mathematical expressions safely, utilizing user-defined variables. However, it has come to light that due to insufficient input validation, an attacker can exploit this vulnerability by passing a crafted context object or using the MEMBER of the context object into the evaluate() function. This can lead to arbitrary code execution.

With a CVSS score of 9.8, this vulnerability is classified as critical, indicating a severe impact on confidentiality, integrity, and availability. Organizations utilizing affected versions of the expr-eval library need to prioritize remediation to address this vulnerability, as the risk to organizations includes potential unauthorized access and execution of harmful commands.

At this time, there is confirmed exploit availability for this vulnerability, which elevates the urgency for defenders. Organizations should prioritize patching immediately to prevent exploitation. The expr-eval library's vulnerability is compounded by its potential for widespread use in various applications, making this a significant concern for many developers and companies.

Organizations must ensure they are using the latest patched versions of the expr-eval library to mitigate the risks associated with this vulnerability. Failure to do so could result in significant damage to systems and data.

Vulnerability Details

This vulnerability allows an attacker to execute arbitrary code due to insufficient input validation in the expr-eval library. The vulnerability is classified under CWE-94: Improper Control of Generation of Code ('Code Injection'). The CVSS score of 9.8 indicates a critical severity level, highlighting the need for immediate action. The affected product is the JavaScript expression evaluator, and the vulnerability was published on November 5, 2025.

Technical Analysis

The root cause of this vulnerability lies in the insufficient input validation within the expr-eval library. Attackers may exploit this vulnerability through a network attack vector, given that the attack complexity is low, and no privileges or user interaction are required. The impact on confidentiality, integrity, and availability is high, as arbitrary code execution can compromise entire systems.

Risk & Impact Analysis

Real-world deployment risk is heightened due to the critical nature of this vulnerability. Organizations relying on the expr-eval library must understand the potential blast radius, as this vulnerability can affect any application utilizing this library without proper input validation.

Exploitation Status

Signal	Status
Known Exploit	Yes
Public PoC	Yes
Actively Exploited	No
Ransomware Use	No

Affected Versions

The affected versions of the expr-eval library include version 3.0.0 from Jorenbroekema and earlier versions up to 2.0.2 from Silentmatt. All versions prior to vendor patch are vulnerable.

Mitigation & Remediation

Organizations must update to the latest patched version of the expr-eval library. If a patch is not available, consider implementing input validation to sanitize user inputs. Additionally, deploying security controls, such as web application firewalls, can help mitigate exploitation risk. For further guidance, organizations should consider engaging in penetration testing to identify potential weaknesses that could be exploited.

Detection Guidance

To detect potential exploitation attempts, organizations should monitor logs for unusual activities related to the expr-eval library. Behavioral anomalies, such as unexpected execution of mathematical expressions or unauthorized access attempts, should also be flagged for further analysis.

AppSecure Threat Intelligence Insight

The long-term significance of this vulnerability lies in its potential to compromise applications relying on the expr-eval library. This incident highlights the importance of thorough input validation and the necessity for security teams to regularly review dependencies for vulnerabilities. The trend of code injection vulnerabilities continues to pose a substantial risk in software development.

Organizations should also consider adopting best practices for security testing, including regular audits and assessments. For more insights, refer to resources on penetration testing methodology, vulnerability management program, and API penetration testing to strengthen their security posture.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2025-12735: Critical Vulnerability in Jorenbroekema & Silentmatt JavaScript Expression Evaluator