GHSA-XRXF-JGV3-QMRM OpenAI Codex CLI enables code execution through malicious MCP (Model Context Protocol) configuration files

A vulnerability was identified in OpenAI Codex CLI v0.23.0 and before that enables code execution through malicious MCP Model Context Protocol configuration files. The attack is triggered when a user runs the codex command inside a malicious or compromised repository. Codex automatically loads...

Arbitrary Code Injection

Overview @openai/codex is a OpenAI Codex CLI Lightweight coding agent that runs in your terminal Affected versions of this package are vulnerable to Arbitrary Code Injection via the automatic loading of .env and .codex/config.toml files when executing the CLI in a compromised repository. An...

CVE-2025-61260

A vulnerability was identified in OpenAI Codex CLI v0.23.0 and before that enables code execution through malicious MCP Model Context Protocol configuration files. The attack is triggered when a user runs the codex command inside a malicious or compromised repository. Codex automatically loads...

CVE-2025-61260

A vulnerability was identified in OpenAI Codex CLI v0.23.0 and before that enables code execution through malicious MCP Model Context Protocol configuration files. The attack is triggered when a user runs the codex command inside a malicious or compromised repository. Codex automatically loads...

CVE-2025-61260

A vulnerability was identified in OpenAI Codex CLI v0.23.0 and before that enables code execution through malicious MCP Model Context Protocol configuration files. The attack is triggered when a user runs the codex command inside a malicious or compromised repository. Codex automatically loads...

CVE-2025-61260

A vulnerability was identified in OpenAI Codex CLI v0.23.0 and before that enables code execution through malicious MCP Model Context Protocol configuration files. The attack is triggered when a user runs the codex command inside a malicious or compromised repository. Codex automatically loads...

OpenAI Codex CLI 安全漏洞

OpenAI Codex CLI is a lightweight coding agent software developed by OpenAI and run in the terminal. OpenAI Codex CLI versions prior to v0.23.0 have security vulnerabilities; these vulnerabilities stem from automatically loading malicious MCP configuration files, which may allow arbitrary code to...

CVE-2025-61260

The CVE-2025-61260 issue affects the OpenAI Codex CLI, specifically versions prior to 0.23.0. The root cause is improper handling of repository-local configuration files (notably .env and .codex/config.toml) that are loaded automatically when the codex command is executed in a malicious or compro...

PT-2026-29445

@jxnlco @emilyzsh I think he is referring to that recent CVE-2026-4417 — OpenAI Codex vulnerability where excessive usefulness leads to immediate $200/month spend escalation. No patch available; users report “this is actually worth it” before wallet compromise...

OpenAI Codex Vulnerability Allowed Attackers to Steal GitHub Tokens

OpenAI Codex vulnerability allowed attackers to steal GitHub tokens via malicious branch names using hidden Unicode command injection flaw...

OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues

OpenAI on Friday began rolling out Codex Security , an artificial intelligence AI-powered security agent that's designed to find, validate, and propose fixes for vulnerabilities. The feature is available in a research preview to ChatGPT Pro, Enterprise, Business, and Edu customers via the Codex w...

CVE-2025-61645

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/pager/CodexTablePager.Php. This issue affects MediaWiki: from before 1.44.1...

CVE-2025-61642

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/CodexHTMLForm.Php, includes/htmlform/fields/HTMLButtonField.Php. This issue affects...

UBUNTU-CVE-2025-61642

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/CodexHTMLForm.Php, includes/htmlform/fields/HTMLButtonField.Php. This issue affects...

CVE-2025-61642 Stored XSS through system messages provided to CodexHtmlForms

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/CodexHTMLForm.Php, includes/htmlform/fields/HTMLButtonField.Php. This issue affects...

CVE-2025-61642

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/CodexHTMLForm.Php, includes/htmlform/fields/HTMLButtonField.Php. This issue affects...

CVE-2025-61642

CVE-2025-61642 is a MediaWiki XSS vulnerability (improper input neutralization during web page generation) affecting MediaWiki before 1.39.14, 1.43.4, and 1.44.1, linked to CodexHTMLForm.Php and HTMLButtonField.Php. Public details across Red Hat and Debian advisories confirm remote XSS with infor...

CVE-2025-61642 Stored XSS through system messages provided to CodexHtmlForms

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/CodexHTMLForm.Php, includes/htmlform/fields/HTMLButtonField.Php. This issue affects...

CVE-2025-61642

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/CodexHTMLForm.Php, includes/htmlform/fields/HTMLButtonField.Php. This issue affects...

CVE-2023-45639

Cross-Site Request Forgery CSRF vulnerability in Codex-m Sort SearchResult By Title plugin = 10.0 versions...