AI Threat Alert

CVE-2025-54558

MEDIUM
Published July 25, 2025

OpenAI Codex CLI before 0.9.0 auto-approves ripgrep (aka rg) execution even with the --pre or --hostname-bin or --search-zip or -z...

Full analysis pending. Showing NVD description excerpt.

Severity & Risk

CVSS 3.1
4.1 / 10
EPSS
N/A
KEV Status
Not in KEV
Sophistication
N/A

Recommended Action

No patch available

Monitor for updates. Consider compensating controls or temporary mitigations.

Compliance Impact

Compliance analysis pending. Sign in for full compliance mapping when available.

Technical Details

NVD Description

OpenAI Codex CLI before 0.9.0 auto-approves ripgrep (aka rg) execution even with the --pre or --hostname-bin or --search-zip or -z flag.

Weaknesses (CWE)

CWE-829

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

References

Timeline

Published
July 25, 2025
Last Modified
July 25, 2025
First Seen
July 25, 2025
Back to Threat Feed