pkg:npm/@openai/codex
2 total CVEsCRITICAL1
✅ Check your installed version
All known vulnerabilities
CRITICAL9.8CVE-2025-61260OpenAI Codex CLI enables code execution through malicious MCP (Model Context Protocol) configuration files from 0, <= 0.23.0
—CVE-2025-59532Codex has sandbox bypass due to bug in path configuration logic >= 0.2.0, < 0.39.0