Information disclosure in Openai Codex Desktop App For Macos
CVE-2026-14898
The OpenAI Codex desktop app for macOS rendered remote images from Markdown in model responses. An attacker who could place an indirect prompt injection in content processed by Codex, such as a connected-tool result or another untrusted so…
Vulnerability class: Information Disclosure
Affected products
- Openai Codex Desktop App For Macos — versions 0