{"data":{"id":"554133a4-a416-4035-a1b6-071bb2fc5e14","title":"CVE-2025-54558: OpenAI Codex CLI before 0.9.0 auto-approves ripgrep (aka rg) execution even with the --pre or --hostname-bin or --search","summary":"OpenAI Codex CLI versions before 0.9.0 have a security flaw where ripgrep (a command-line search tool) is executed automatically without requiring user approval, even when it is invoked with the --pre, --hostname-bin, or --search-zip flags (flags that make ripgrep spawn external programs, which is why such invocations should require approval). This means an attacker could potentially cause ripgrep commands to run without proper user consent.","solution":"Update OpenAI Codex CLI to version 0.9.0 or later.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2025-54558","publishedAt":"2025-07-25T06:15:24.433Z","cveId":"CVE-2025-54558","cweIds":["CWE-829"],"cvssScore":"4.1","cvssSeverity":"medium","severity":"medium","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["OpenAI"],"affectedVendorsRaw":["OpenAI Codex CLI","ripgrep"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00014,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-437"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","availability"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}