CVE-2026-14898
The CVE concerns the OpenAI Codex desktop app for macOS. The vulnerability arises when the app renders remote images from Markdown in model responses; an indirect prompt injection via content processed by Codex (e.g., a connected-tool result or other untrusted source) could cause the model to con...