CVE-2025-55345 Unsafe symlink following in restricted workspace-write sandbox leads to RCE
Using Codex CLI in workspace-write mode inside a malicious context repo, directory, etc could lead to arbitrary file overwrite and potentially remote code execution due to symlinks being followed outside the allowed current working directory...