CVE-2025-54558 | OpenAI Codex CLI up to 0.8.x auto-approves ripgrep inclusion of functionality from untrusted control sphere

Inserito da Angelo Barbosa | Lug 25, 2025 | CVE

A vulnerability classified as problematic has been found in OpenAI Codex CLI up to 0.8.x. This affects an unknown part of the component auto-approves ripgrep Handler. The manipulation leads to inclusion of functionality from untrusted control sphere.

This vulnerability is uniquely identified as CVE-2025-54558. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-54558 | OpenAI Codex CLI up to 0.8.x auto-approves ripgrep inclusion of functionality from untrusted control sphere

Post correlati

CVE-2024-10069 | ESAFENET CDG 5 MailDecryptApplicationService.java actionPassMainApplication id sql injection

CVE-2023-6906 | Totolink A7100RU 7.4cu.2313_B20191024 HTTP POST Request cstecgi.cgi main flag buffer overflow

VDB-261594 | CrushFTP up to 10.7.1/11.0 VFS information disclosure

CVE-2025-21285 | Microsoft