{"data":{"id":"78bde42c-8106-4c03-9bb1-3addec17d710","title":"OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues","summary":"OpenAI launched Codex Security, an AI-powered security agent that scans code repositories to find and fix vulnerabilities. During its beta testing, it scanned over 1.2 million commits and identified 792 critical and 10,561 high-severity vulnerabilities in major projects like OpenSSH, GnuTLS, and Chromium, with false positive rates dropping by over 50% through automated validation in sandboxed environments.","solution":"OpenAI describes Codex Security's three-step approach: first, it analyzes a repository and generates an editable threat model; second, it identifies vulnerabilities and pressure-tests flagged issues in a sandboxed environment to validate them (and can validate directly in a project-tailored environment to reduce false positives further); third, it proposes fixes aligned with system behavior to reduce regressions. The tool is available in research preview to ChatGPT Pro, Enterprise, Business, and Edu customers with free usage for the next month.","labels":["security","industry"],"sourceUrl":"https://thehackernews.com/2026/03/openai-codex-security-scanned-12.html","publishedAt":"2026-03-07T16:28:00.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":[],"issueType":"news","affectedPackages":null,"affectedVendors":["OpenAI"],"affectedVendorsRaw":["OpenAI","Codex Security","ChatGPT Pro","Aardvark","Claude Code Security","Anthropic"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}