Expr-eval-fork security patch release for CVE-2025-12735

Security Patch Release
H score 27
1 unique source, 1 article

Summary

expr-eval-fork v3.0.0 now delivers the fix for CVE-2025-12735, giving impacted projects a concrete remediation path for a critical remote-code-execution issue. The release covers the vulnerable expr-eval ecosystem and is the recommended upgrade target for users of the fork. Projects using the library are being told to switch immediately so downstream users receive the patch.

Related Happenings

Langflow security patch release for CVE-2026-5027

Security Patch Release
H score 38 · First: 11.06.2026 00:23 · Last: 11.06.2026 00:23 · Sources: 1

About this happening: **Langflow** shipped fixes for **CVE-2026-5027**, closing a **path traversal** flaw that let attackers write arbitrary files on exposed servers. The patch landed in **langflow-bas...

Redis security patch release for CVE-2026-23479

Security Patch Release
H score 24 · First: 03.06.2026 16:47 · Last: 03.06.2026 16:47 · Sources: 1

About this happening: **Redis** released patched minor versions on **May 5** to fix **CVE-2026-23479**, a **use-after-free** in **blocking-client code** that can lead to **arbitrary OS command executio...

Linux distros patch release for Fragnasia (CVE-2026-46300)

Security Patch Release
H score 25 · First: 14.05.2026 10:34 · Last: 14.05.2026 10:34 · Sources: 1

About this happening: Linux distros are rolling out **patches** for **CVE-2026-46300**, a high-severity kernel flaw that can let unprivileged local attackers gain **root** on vulnerable Linux systems....

Exim security patch release for CVE-2026-45185

Security Patch Release
H score 21 · First: 13.05.2026 23:23 · Last: 13.05.2026 23:23 · Sources: 1

About this happening: **Exim** released **version 4.99.3** to fix **CVE-2026-45185**, closing a **remote-code-execution risk** in affected mail servers. The patch applies to **Exim versions before 4.99...

Linux kernel Dirty Frag patch release (CVE-2026-43284, CVE-2026-43500)

Security Patch Release
H score 49 · First: 11.05.2026 17:30 · Last: 11.05.2026 17:30 · Sources: 1

About this happening: **Major Linux distributions** are rolling out fixes for **Dirty Frag**, the **Linux kernel** patch release that covers **CVE-2026-43284** and **CVE-2026-43500**. The update matter...

Timeline

  1. 10.11.2025 20:32 2 articles · 7mo ago

    expr-eval-fork v3.0.0 fixes CVE-2025-12735

    Mitigation Patch Update

    expr-eval-fork v3.0.0 delivers a security fix for CVE-2025-12735, a critical (9.8) remote code execution flaw in expr-eval and expr-eval-fork that is triggered by maliciously crafted input to Parser.evaluate(). Impacted developers are advised to migrate immediately to expr-eval-fork v3.0.0 and republish their libraries so users receive the patch.