OpenAI ShadowLeak mitigation for ChatGPT
Advisory/Mitigation
Summary
OpenAI acknowledged and fixed ShadowLeak, closing a stealthy ChatGPT email-exfiltration path in the studied Gmail integration. The mitigation mattered because the flaw let hidden HTML instructions embedded in email bodies steer the agent, with no visible network traces on the victim's side. The key change was closure of the attack path on OpenAI's side rather than any action required of users.
Related Happenings
Cline Kanban server WebSocket origin/authentication security flaw
Vulnerability
First: 07.05.2026 17:30
Last: 07.05.2026 17:30
Sources 1
About this happening:
**Cline Kanban server** has a **critical WebSocket origin/authentication flaw** that can let a webpage a developer visits **exfiltrate workspace data**, **inject terminal commands...
LeRobot unsafe deserialization RCE (CVE-2026-25874)
Vulnerability
First: 28.04.2026 14:18
Last: 28.04.2026 14:18
Sources 1
About this happening:
The **CVE-2026-25874** unsafe deserialization flaw in **Hugging Face LeRobot** enables **unauthenticated remote code execution** against network-reachable deployments. The bug sit...
Microsoft SharePoint Server spoofing vulnerability (actively exploited) (CVE-2026-32201)
Vulnerability
First: 14.04.2026 20:41
Last: 14.04.2026 20:41
Sources 1
About this happening:
Microsoft patched **CVE-2026-32201** in **Microsoft SharePoint Server**, a **spoofing vulnerability** that was **exploited in attacks** and could affect **confidentiality** and **...
ChatGPT single-prompt DNS side-channel exfiltration remote code execution flaw
Vulnerability
First: 31.03.2026 16:01
Last: 31.03.2026 16:01
Sources 1
About this happening:
A **ChatGPT** vulnerability let a **single malicious prompt** covertly exfiltrate prompts, messages, uploaded files, and other sensitive content through a **DNS side channel**. Th...
OpenAI Safety Bug Bounty launch
Commercial Activity
First: 26.03.2026 14:20
Last: 26.03.2026 14:20
Sources 1
About this happening:
**OpenAI** launched the **Safety Bug Bounty** on **Bugcrowd**, expanding researcher coverage for **AI abuse** and **safety risks** across its products. The new program complements...
Timeline
19.09.2025 22:07 · 2 articles
OpenAI ShadowLeak mitigation for ChatGPT
Initial Disclosure
After the issue was reported, the studied **ChatGPT**/**Gmail** attack path stopped working by **August**, indicating **OpenAI** had already mitigated **ShadowLeak**. That early closure mattered because it removed the stealthy email-exfiltration path in the test environment.
Sources
- 'ShadowLeak' ChatGPT Attack Allows Hackers to Invisibly Steal Emails — www.darkreading.com — 19.09.2025 22:07
- ShadowLeak Zero-Click Flaw Leaks Gmail Data via OpenAI ChatGPT Deep Research Agent — thehackernews.com — 20.09.2025 08:31