Zero Day Monitor (ZDM)
CVE-2025-61260 · EXPLOITED
n/a · n/a

CVE-2025-61260: A vulnerability was identified in OpenAI Codex CLI v0.23.0 and before that enables code execution through malicious MCP

Description

A vulnerability marked as critical has been reported in OpenAI Codex CLI up to 0.23.0. The affected element is an unknown function of the file codex/config.toml of the component Model Context Protocol Configuration File Handler. This manipulation causes privilege escalation. The attack needs to be done within the local network.

Affected Products

Vendor | Product | Versions
n/a | n/a | n/a, 0.23.0

References

  • http://openai.com
  • https://research.checkpoint.com/2025/openai-codex-cli-command-injection-vulnerability/

Related News (1 articles)

Tier C
VulDB · 10h ago
CVE-2025-61260 | OpenAI Codex CLI up to 0.23.0 Model Context Protocol Configuration File codex/config.toml privilege escalation
→ No new info (linked only)
CISA KEV: ❌ No
Actively exploited: ✅ Yes
Published: Apr 14, 2026
Last enriched: 9h ago (v2)
Trending Score: 48
Source articles: 1
Independent: 1
Info Completeness: 6/14
Missing: cvss, epss, cwe, kev, exploit, patch, iocs, mitre_attack


Related CVEs (5)

CRITICAL · CVE-2025-65135 · EXP
CVE-2025-65135: In manikandan580 School-management-system 1.0, a time-based blind SQL injection vulnerability exists in /studentms/admin
Trending: 56

HIGH · CVE-2026-38529 · EXP
CVE-2026-38529: A Broken Object-Level Authorization (BOLA) in the /Settings/UserController.php endpoint of Webkul Krayin CRM v2.2.x allo
Trending: 50

HIGH · CVE-2026-38530 · EXP
CVE-2026-38530: A Broken Object-Level Authorization (BOLA) in the /Controllers/Lead/LeadController.php endpoint of Webkul Krayin CRM v2.
Trending: 50

MEDIUM · CVE-2025-65136 · EXP
CVE-2025-65136: In manikandan580 School-management-system 1.0, a reflected XSS vulnerability exists in /studentms/admin/contact-us.php v
Trending: 49

MEDIUM · CVE-2025-65132 · EXP
CVE-2025-65132: alandsilva26 hotel-management-php 1.0 is vulnerable to Cross Site Scripting (XSS) in /public/admin/edit_room.php which a
Trending: 49

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
Apr 14, 2026
Actively Exploited
Apr 14, 2026
Discovered by ZDM
Apr 14, 2026
Updated: description, affectedVersions, severity, activelyExploited
Apr 14, 2026

Version History

v2
Last enriched 9h ago
v2 · Tier C · 9h ago

Updated vendor and product information, changed severity to CRITICAL, and provided a more detailed description of the vulnerability.

description, affectedVersions, severity, activelyExploited
via VulDB
v1 · 10h ago

Initial creation