CVE-2025-59532 · high
Codex workspace sandbox-boundary bypass
Codex CLI 0.2.0 through 0.38.0; affected IDE extension releases before 0.4.12.
Use Codex CLI 0.39.0 or later and IDE extension 0.4.12 or later, then verify the effective writable root before sensitive work.
