Medium severity4.1NVD Advisory· Published Jul 25, 2025· Updated Apr 15, 2026

CVE-2025-54558

Description

OpenAI Codex CLI before 0.9.0 auto-approves ripgrep (aka rg) execution even with the --pre or --hostname-bin or --search-zip or -z flag.

12994d3a4353

6cf4b96f9dbb

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

No linked articles in our index yet.