{"id":"CVE-2026-40072","summary":"web3.py affected by SSRF via CCIP Read (EIP-3668) OffchainLookup URL handling","details":"web3.py allows you to interact with the Ethereum blockchain using Python. From 6.0.0b3 to before 7.15.0 and 8.0.0b2, web3.py implements CCIP Read / OffchainLookup (EIP-3668) by performing HTTP requests to URLs supplied by smart contracts in offchain_lookup_payload[\"urls\"]. The implementation uses these contract-supplied URLs directly (after {sender} / {data} template substitution) without any destination validation. CCIP Read is enabled by default (global_ccip_read_enabled = True on all providers), meaning any application using web3.py's .call() method is exposed without explicit opt-in. This results in Server-Side Request Forgery (SSRF) when web3.py is used in backend services, indexers, APIs, or any environment that performs eth_call / .call() against untrusted or user-supplied contract addresses. A malicious contract can force the web3.py process to issue HTTP requests to arbitrary destinations, including internal network services and cloud metadata endpoints. This vulnerability is fixed in 7.15.0 and 8.0.0b2.","aliases":["GHSA-5hr4-253g-cpx2"],"modified":"2026-07-08T08:13:51.176824118Z","published":"2026-04-09T17:41:14.920Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/40xxx/CVE-2026-40072.json","cna_assigner":"GitHub_M","cwe_ids":["CWE-918"],"unresolved_ranges":[{"source":"AFFECTED_FIELD","extracted_events":[{"introduced":"8.0.0b1"},{"fixed":"8.0.0b2"}]}]},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/40xxx/CVE-2026-40072.json"},{"type":"ADVISORY","url":"https://github.com/ethereum/web3.py/security/advisories/GHSA-5hr4-253g-cpx2"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40072"},{"type":"FIX","url":"https://github.com/ethereum/web3.py/commit/b1c57bb0a124359c9902daaefab4d8af7c3c4c1e"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/apeworx/web3.py","events":[{"introduced":"bb861d2df7d4d47acf5d2ffde63125a24e8b4d4b"},{"fixed":"cf051a72dcdb9e43c93d82d077a667982f63beea"},{"introduced":"edf0c02addc6afe21ec7274d360793022ada4116"},{"fixed":"b1c57bb0a124359c9902daaefab4d8af7c3c4c1e"}],"database_specific":{"extracted_events":[{"introduced":"6.1.0"},{"fixed":"7.15.0"},{"introduced":"6.0.0-NA"},{"last_affected":"6.0.0-NA"}],"source":["CPE_RANGE","CPE_STRING","REFERENCES"],"cpe":["cpe:2.3:a:apeworx:web3.py:*:*:*:*:*:python:*:*","cpe:2.3:a:apeworx:web3.py:6.0.0:-:*:*:*:python:*:*"]}}],"versions":["6.0.0-NA","v7.14.1","v7.14.0","v8.0.0-beta.1","v7.13.0","v7.12.1","v7.12.0","v7.11.1","v7.11.0","v7.10.0","v7.9.0","v7.8.0","v7.7.0","v7.6.1","v7.6.0","v7.5.0","v7.4.0","v7.3.1","v7.3.0","v7.2.0","v7.1.0","v7.0.0","v7.0.0-beta.9","v7.0.0-beta.8","v7.0.0-beta.7","v7.0.0-beta.6","v7.0.0-beta.5","v7.0.0-beta.4","v7.0.0-beta.3","v7.0.0-beta.2","v7.0.0-beta.1","v6.14.0","v6.13.0","v6.12.0","v6.11.4","v6.11.3","v6.11.2","v6.11.1","v6.11.0","v6.10.0","v6.9.0","v6.8.0","v6.7.0","v6.6.1","v6.6.0","v6.5.0","v6.4.0","v6.3.0","v6.2.0","v6.1.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-40072.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"}]}