PT-2025-48450 · Openai · Openai Codex Cli

Publicado

2025-12-01

·

Atualizado

2026-04-28

·

CVE-2025-61260

CVSS v3.1

9.8

Crítica

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions OpenAI Codex CLI versions prior to 0.23.0
Description The OpenAI Codex CLI is susceptible to a command injection flaw stemming from how it processes project-local configuration files. Attackers can exploit this by placing malicious configuration files within repositories. When developers run the Codex CLI in a directory containing these files, arbitrary commands can be executed silently, without requiring user interaction. This can lead to supply chain attacks, potentially compromising developer machines and CI/CD pipelines. The issue arises from a lack of validation when processing repository-level configurations. The vulnerability allows attackers with commit or pull request access to add malicious files (such as .env and .codex/config.toml) that trigger automatic command execution, establish backdoors, and compromise downstream repositories. The vulnerability is tracked as CVE-2025-61260.
Recommendations Update to OpenAI Codex CLI version 0.23.0 or later.

Exploit

Correção

RCE

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

Enumeração de Fraquezas

Identificadores relacionados

CVE-2025-61260
GHSA-XRXF-JGV3-QMRM

Produtos afetados

Openai Codex Cli