Security fix: lambda expressions disabled in eval to block code injection
The vulnerability
eval() in server scripts accepted lambda expressions, which opened a path to arbitrary code execution for anyone who could influence an evaluated string.
The fix
Lambda expressions are now rejected before evaluation. Legitimate expressions are unaffected; only the unsafe construct is blocked.
What you should do
- Nothing, if your scripts use plain expressions
- Review any script that relied on inline lambdas — rewrite them as named functions