OpenAI Codex vulnerabilities
2 known vulnerabilities affecting openai/codex.
Total CVEs: 2
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 1
Vulnerabilities
CVE-2025-61260 | P2 | CRITICAL | ≥ 0, ≤ 0.23.0 | 2026-04-14
CVE-2025-61260 [CRITICAL] CWE-94 OpenAI Codex CLI enables code execution through malicious MCP (Model Context Protocol) configuration files
A vulnerability was identified in OpenAI Codex CLI v0.23.0 and before that enables code execution through malicious MCP (Model Context Protocol) configuration files. The attack is triggered when a user runs the codex command inside a malicious or compr
ghsa
CVE-2025-59532 | P3 | HIGH | CVSS 8.6 | v>= 0.2.0, < 0.39.0 | 2025-09-22
CVE-2025-59532 [HIGH] CWE-20
Codex CLI is a coding agent from OpenAI that runs locally. In versions 0.2.0 to 0.38.0, due to a bug in the sandbox configuration logic, Codex CLI could treat a model-generated cwd as the sandbox’s writable root, including paths outside of the folder where the user started their session. This logic bypassed the intended workspace boundary and enables a
ghsa, nvd, osv