Overview
Wolfram Cloud version 14.2 allows Java Virtual Machine (JVM) unrestricted access to temporary resources in the /tmp/ directory of the cloud environment which may result in privilege escalation, information exfiltration, and remote code execution. In the same cloud instance, temporary directories of other users may be accessible.
Description
Wolfram Cloud is a multi-tenant cloud platform that supports a virtual “notebook” interface for easier programming and accessibility to tools for quickly building and publishing integrated applications. In this architecture, the instance kernel /tmp/ directory is shared, but with access permissions. Excepting the JVM initialization file, these temporary directories usually do not contain sensitive information. A newly discovered race condition allows attackers to poison the classpath via the shared /tmp/ directory during JVM initializaiton. If an attacker can approximate when users would be launching the JVM, access to an unprotected temporary directory may be successful.
The cause is the implementation of the virtual environment by the hosting platform which manages access to temporary files in a multi-tenant cloud environment. A successful attack will give the attacker access to the temporary directories of other users.
Impact
An attacker that accesses the shared /tmp/ directory of the instance can potentially achieve privilege escalation, information exfiltration, and remote code execution.
This constitutes a Technical Impact = Total under the SSVC framework, meaning:

The vulnerability gives the adversary total control over the behavior of the software or total disclosure of all information on the affected system.

Solution
The CERT/CC recommends updating Wolfram Cloud to version 14.2.1.
Acknowledgements
Thanks to the reporter Peter Roberge from Pointer Cybersecurity. This document was written by Laurie Tyzenhaus and Renae Metcalf.

Overview
Lite XL is a lightweight text editor derived from the lite project, written primarily in Lua and C. It supports Windows, Linux, and macOS, and is designed for extensibility through plugins and project‑specific modules.
Description
Two vulnerabilities were identified Lite XL:
CVE-2025-12120
Lite XL versions 2.1.8 and prior automatically execute the .lite_project.lua file when opening a project directory, without prompting the user for confirmation. The .lite_project.lua file is intended for project-specific configuration but can contain executable Lua logic. This behavior could allow execution of untrusted Lua code if a user opens a malicious project, potentially leading to arbitrary code execution with the privileges of the Lite XL process.
CVE-2025-12121
Lite XL versions 2.1.8 and prior contain a vulnerability in the system.exec function, which allowed arbitrary command execution through unsanitized shell command construction. This function was used in project directory launching (core.lua), drag-and-drop file handling (rootview.lua), and the “open in system” command in the treeview plugin (treeview.lua). If an attacker could influence input to system.exec, they might execute arbitrary commands with the privileges of the Lite XL process.
Impact
CVE-2025-12120
When opening a project in Lite XL, the project’s Lua module was executed automatically, potentially allowing malicious code in a repository to run without user consent.
CVE-2025-12121
The legacy system.exec function allowed arbitrary shell command execution, which could be abused to compromise the host system.
Affected versions
Lite XL versions 2.1.8 and prior
Solution
Users should update to the latest version of Lite XL that includes these pull requests:
PR #1472 – Adds in a trust guard for project modules.
PR #1473 – Removed legacy exec function.
These updates ensure that untrusted projects cannot automatically execute Lua code and that unsafe system calls are no longer available.
Acknowledgements
Thanks to the reporter Dogus Demirkiran for reporting these vulnerabilities. Additional thanks to GitHub user Summertime for also identifying CVE-2025-12120 and opening Issue #1892 on GitHub. This document was written by Marisa Midler.

Overview
The npm package expr-eval is a JavaScript library that evaluates mathematical expressions and is used in various applications, including NLP and AI. A vulnerability in this library has been disclosed that could allow arbitrary code execution by an attacker using maliciously crafted input.
Description
The npm projects expr-eval and expr-eval-fork are JavaScript libraries used to parse and evaluate mathematical expressions, extending NLP applications that process mathematical expressions and their numerical data. This capability is particularly useful in generative AI systems that need to interpret mathematical expressions within user prompts. The Parser class and its evaluate() method is designed to provide user-defined expressions in a safer way than JavaScript’s native eval() function. This design choice is critical for npm-based projects, especially those running in server environments where access to a system’s local resources could pose security risks. According to npmjs.com, expr-eval has over 250 dependent packages, including integrations such as oplangchain, a JavaScript implementation of the popular LangChain framework. The related project expr-eval-fork was created to address a prior Prototype Pollution vulnerability (Issue #266) that remained unresolved in the original expr-eval repository, which appears to be unmaintained by the original author.
A newly discovered vulnerability allows an attacker to define arbitrary functions within the context object used by the parser. This capability can be exploited to inject malicious code that executes system-level commands, potentially accessing sensitive local resources or exfiltrating data. This issue has been patched via Pull Request #288. The vulnerability is tracked with CVE-2025-12735, as well as the GitHub Advisory GHSA-jc85-fpwf-qm7x. These identifiers enable automated tools such as npm audit to detect the vulnerability in affected projects.
Impact
An attacker with the ability to influence input fields processed by expr-eval can craft malicious payloads that trigger arbitrary command execution on the host system.
This constitutes a Technical Impact = Total under the SSVC framework, meaning:

The vulnerability gives the adversary total control over the behavior of the software or total disclosure of all information on the affected system.

Solution
Developers and Users are advised either to:

Apply the security patch from Pull Request #288, or
Upgrade to the latest patched version of the expr-eval or expr-eval-fork package as they become available. The npm package expr-eval-fork v 3.0.0 resolves this issue.

Note: The patch introduces:

A defined AllowList of safe functions accessible via evaluate()
A mandatory registration mechanism for custom functions.
Updated test cases ensuring enforcement of these constraints can be understood and applied

Acknowledgements
Thanks to the reporter Jangwoo Choe (UKO) for responsibly disclosing this issue. We also acknowledge GitHub Security and npm for their proactive security advisories and automated vulnerability audits. This document was written by Vijay Sarvepalli and Renae Metcalf.