CVE-2025-61260 — OpenAI Codex CLI: Command Injection via Project-Local Configuration 

By: Isabel Mill & Oded Vanunu

OpenAI Codex CLI is OpenAI’s command-line tool that brings AI model-backed reasoning into developer workflows. It can read, edit, and run code directly from the terminal, making it possible to interact with projects using natural language commands, automate tasks, and streamline day-to-day development. One of its key features is
The post CVE-2025-61260 — OpenAI Codex CLI: Command Injection via Project-Local Configuration appeared first on Check Point Research.