web3.py allows you to interact with the Ethereum blockchain using Python. From 6.0.0b3 to before 7.15.0 and 8.0.0b2, web3.py implements CCIP Read / OffchainLookup (EIP-3668) by performing HTTP requests to URLs supplied by smart contracts in offchainlookuppayload["urls"]. The implementation uses these contract-supplied URLs directly (after {sender} / {data} template substitution) without any destination validation. CCIP Read is enabled by default (globalccipreadenabled = True on all providers), meaning any application using web3.py's .call() method is exposed without explicit opt-in. This results in Server-Side Request Forgery (SSRF) when web3.py is used in backend services, indexers, APIs, or any environment that performs ethcall / .call() against untrusted or user-supplied contract addresses. A malicious contract can force the web3.py process to issue HTTP requests to arbitrary destinations, including internal network services and cloud metadata endpoints. This vulnerability is fixed in 7.15.0 and 8.0.0b2.
{
"unresolved_ranges": [
{
"source": "AFFECTED_FIELD",
"extracted_events": [
{
"introduced": "8.0.0b1"
},
{
"fixed": "8.0.0b2"
}
]
}
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/40xxx/CVE-2026-40072.json",
"cna_assigner": "GitHub_M",
"cwe_ids": [
"CWE-918"
]
}{
"source": [
"CPE_RANGE",
"CPE_STRING",
"REFERENCES"
],
"cpe": [
"cpe:2.3:a:apeworx:web3.py:*:*:*:*:*:python:*:*",
"cpe:2.3:a:apeworx:web3.py:6.0.0:-:*:*:*:python:*:*"
],
"extracted_events": [
{
"introduced": "6.1.0"
},
{
"fixed": "7.15.0"
},
{
"introduced": "6.0.0-NA"
},
{
"last_affected": "6.0.0-NA"
}
]
}