Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter).
"https://github.com/pypa/advisory-database/blob/main/vulns/pillow/PYSEC-2026-457.yaml"