{"data":{"id":"69922555-1bcf-47f4-ba0c-2b6294788203","title":"CVE-2025-59532: Codex CLI is a coding agent from OpenAI that runs locally. In versions 0.2.0 to 0.38.0, due to a bug in the sandbox conf","summary":"Codex CLI (a coding tool from OpenAI that runs on your computer) versions 0.2.0 to 0.38.0 had a sandbox bug that allowed the AI model to trick the system into writing files and running commands outside the intended workspace folder. The sandbox (a restricted area meant to contain the tool's actions) did not properly validate where file access should be allowed, so its security boundary could be bypassed, although network restrictions still applied.","solution":"Update to Codex CLI 0.39.0 or later, which fixes the sandbox boundary validation. The patch now checks that the sandbox boundaries are based on where the user started the session, not on paths generated by the model. If you use the Codex IDE extension, update it to version 0.4.12 immediately. Users on 0.38.0 or earlier should update via their package manager or reinstall the latest version.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2025-59532","publishedAt":"2025-09-23T01:16:00.130Z","cveId":"CVE-2025-59532","cweIds":["CWE-20"],"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":[],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["OpenAI"],"affectedVendorsRaw":["OpenAI","Codex CLI"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00038,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","availability"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}