PT-2026-31674 · Pypi · Web3.Py

Nadav0077 · Published 2026-04-04 · Updated 2026-04-09

CVE-2026-40072 · CVSS v3.1 7.2 High
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
web3.py (PyPI): versions 6.0.0b3 and later prior to the fixed releases 7.15.0 (7.x line) and 8.0.0b2 (8.0.0 pre-release line); both fixed releases are named under Recommendations.
Description
web3.py implements CCIP Read / OffchainLookup (EIP-3668) by issuing HTTP requests to the URL templates a smart contract returns in the urls field of its OffchainLookup revert payload (payload["urls"]). The implementation uses these URLs directly after substituting the {sender} and {data} placeholders, with no destination validation: no restriction on URL scheme, no hostname allowlist, and no blocking of private or reserved IP ranges. Because CCIP Read is enabled by default through the global_ccip_read_enabled setting, any application that uses the .call() method is exposed.
This leads to Server-Side Request Forgery (SSRF) when the library is used in backend services, indexers, or APIs that perform eth_call or .call() against untrusted contract addresses. A malicious contract can force the process to issue HTTP GET or POST requests to arbitrary destinations, such as internal network services, loopback addresses, and cloud metadata endpoints. The issue is amplified because the library follows HTTP redirects by default without validating the final resolved URL, so a check applied only to the URL taken from the revert payload would not be enough to close it.
Recommendations
Update web3.py to version 7.15.0 or 8.0.0b2. As a temporary workaround, disable CCIP Read by setting global_ccip_read_enabled to False when calling untrusted contracts. Note that this also stops legitimate offchain lookups, so calls that depend on a CCIP Read gateway will no longer succeed while the workaround is in place.
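As an added example (not web3.py's own code and not the fix shipped in 7.15.0 / 8.0.0b2), the following Python shows the destination checks the description above says are missing: a scheme allowlist, a gateway hostname allowlist, and a ban on private, loopback, link-local and reserved addresses after DNS resolution, applied to every URL taken from an OffchainLookup revert after {sender}/{data} substitution and, through a urllib redirect handler, to every redirect target as well. The gateway allowlist, the hostnames and IP addresses, the sample urls list and the resolver answers are all constructed for the demonstration so that it runs offline.

```python
"""Destination validation for CCIP Read (EIP-3668) gateway URLs. Added example,
not web3.py code; hosts, addresses and URL templates are constructed."""
import ipaddress
import socket
import urllib.error
import urllib.request
from typing import Callable, Dict, List, Optional, Tuple
from urllib.parse import urlsplit

# Hypothetical deployment policy: the only gateways this service may contact.
ALLOWED_SCHEMES = {"https"}
ALLOWED_GATEWAY_HOSTS = {"gateway.example.com", "internal-gateway.example.com"}
Resolver = Callable[[str], List[str]]

def system_resolver(host: str) -> List[str]:
    """OS resolver; the offline demo below injects a fake one instead."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})

def check_gateway_url(url: str, resolve: Resolver = system_resolver) -> Tuple[bool, str]:
    """Return (allowed, reason) for a fully substituted gateway URL."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed"
    host = (parts.hostname or "").lower().rstrip(".")
    if host not in ALLOWED_GATEWAY_HOSTS:
        return False, f"host {host!r} not on gateway allowlist"
    # Allowlisted names can still resolve to internal addresses (stale DNS, rebinding).
    try:
        addrs = [ipaddress.ip_address(host)]
    except ValueError:
        addrs = [ipaddress.ip_address(a) for a in resolve(host)]
    if not addrs:
        return False, f"host {host!r} did not resolve"
    for ip in addrs:
        # Loopback, RFC 1918, link-local (incl. 169.254.169.254 metadata), reserved: refused.
        if (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_reserved or ip.is_multicast or ip.is_unspecified):
            return False, f"host {host!r} resolves to non-public address {ip}"
    return True, "ok"

def build_gateway_request(template: str, sender: str, data: str
                          ) -> Tuple[str, str, Optional[Dict[str, str]]]:
    """EIP-3668 substitution: GET when the template contains {data},
    otherwise POST with a JSON body {"data": ..., "sender": ...}."""
    sender, data = sender.lower(), data.lower()
    url = template.replace("{sender}", sender).replace("{data}", data)
    if "{data}" in template:
        return "GET", url, None
    return "POST", url, {"data": data, "sender": sender}

def filter_offchain_lookup(urls: List[str], sender: str, data: str,
                           resolve: Resolver = system_resolver):
    """Split an OffchainLookup url list into requests to send and rejections."""
    allowed, rejected = [], []
    for template in urls:
        method, url, body = build_gateway_request(template, sender, data)
        ok, reason = check_gateway_url(url, resolve)
        if ok:
            allowed.append((method, url, body))
        else:
            rejected.append((template, reason))
    return allowed, rejected

class GatewayRedirectHandler(urllib.request.HTTPRedirectHandler):
    """Re-validate every Location target; a passed URL can still redirect internally."""

    def __init__(self, resolve: Resolver = system_resolver):
        super().__init__()
        self.resolve = resolve

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        ok, reason = check_gateway_url(newurl, self.resolve)
        if not ok:
            raise urllib.error.URLError(f"redirect to {newurl} blocked: {reason}")
        return super().redirect_request(req, fp, code, msg, headers, newurl)

def redirect_allowed(from_url: str, to_url: str, resolve: Resolver = system_resolver) -> bool:
    """True if GatewayRedirectHandler would follow a 302 from from_url to to_url."""
    try:
        GatewayRedirectHandler(resolve).redirect_request(
            urllib.request.Request(from_url), None, 302, "Found", {}, to_url)
        return True
    except urllib.error.URLError:
        return False

# Constructed OffchainLookup payload from an untrusted contract.
SAMPLE_SENDER, SAMPLE_DATA = "0x" + "ab" * 20, "0x" + "cd" * 8
SAMPLE_URLS = [
    "https://gateway.example.com/{sender}/{data}.json",  # legitimate, GET
    "https://gateway.example.com/lookup",                 # legitimate, POST
    "http://169.254.169.254/latest/meta-data/{data}",     # cloud metadata
    "https://127.0.0.1:8545/{sender}/{data}",             # loopback RPC node
    "https://gateway.example.com.attacker.test/{data}",   # lookalike host
    "https://internal-gateway.example.com/{data}",        # allowlisted, private IP
    "file:///etc/passwd",                                 # non-HTTP scheme
]

def fake_resolver(host: str) -> List[str]:  # constructed DNS answers, runs offline
    return {"gateway.example.com": ["93.184.216.34"],
            "internal-gateway.example.com": ["10.0.0.5"]}.get(host, [])

if __name__ == "__main__":
    print(filter_offchain_lookup(SAMPLE_URLS, SAMPLE_SENDER, SAMPLE_DATA, fake_resolver))
```

The hostname allowlist is the decisive control; the scheme check and the post-resolution address check are defence in depth against lookalike hosts and against allowlisted names that resolve to an internal address. The same check_gateway_url call is reused for every redirect target, which is what the redirect amplification described above requires. Where offchain lookups are not needed at all, the advisory's own workaround, global_ccip_read_enabled set to False, remains the simplest mitigation.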

Fix

SSRF

Weakness Enumeration

Related Identifiers

CVE-2026-40072
GHSA-5HR4-253G-CPX2

Affected Products

Web3.Py