ChatGPT/SearchGPT prompt injection and data exfiltration weaknesses security flaw
Vulnerability
Summary
Hide ▲
Show ▼
Researchers uncovered seven weaknesses in OpenAI's ChatGPT/SearchGPT that could let an attacker use prompt injection and safety bypass techniques to steal private chat history and stored memories. The flaws affect how the system browses the web, opens URLs, and processes external content, widening the attack surface for users who rely on it for search and summarization. Researchers said the issues can be chained into complete attack paths, making the privacy risk materially more serious than a single isolated bug. The findings were disclosed to OpenAI in April and were reported publicly on 2025-11-06.
Related Happenings
ChatGPT single-prompt DNS side-channel exfiltration remote code execution flaw
Vulnerability
First: 31.03.2026 16:01
Last: 31.03.2026 16:01
Sources 1
About this happening:
A **ChatGPT** vulnerability let a **single malicious prompt** covertly exfiltrate prompts, messages, uploaded files, and other sensitive content through a **DNS side channel**. Th...
ChatGPT single-prompt DNS side-channel exfiltration remote code execution flaw
VulnerabilityAbout this happening: A **ChatGPT** vulnerability let a **single malicious prompt** covertly exfiltrate prompts, messages, uploaded files, and other sensitive content through a **DNS side channel**. Th...
OpenAI Safety Bug Bounty launch
Commercial Activity
First: 26.03.2026 14:20
Last: 26.03.2026 14:20
Sources 1
About this happening:
**OpenAI** launched the **Safety Bug Bounty** on **Bugcrowd**, expanding researcher coverage for **AI abuse** and **safety risks** across its products. The new program complements...
OpenAI Safety Bug Bounty launch
Commercial ActivityAbout this happening: **OpenAI** launched the **Safety Bug Bounty** on **Bugcrowd**, expanding researcher coverage for **AI abuse** and **safety risks** across its products. The new program complements...
Google Looker Studio cross-tenant SQL injection flaws SQL injection flaw
Vulnerability
First: 10.03.2026 15:20
Last: 10.03.2026 15:20
Sources 1
About this happening:
Researchers disclosed **nine cross-tenant vulnerabilities** in **Google Looker Studio** that could let attackers run **arbitrary SQL queries** on victims' databases and exfiltrate...
Google Looker Studio cross-tenant SQL injection flaws SQL injection flaw
VulnerabilityAbout this happening: Researchers disclosed **nine cross-tenant vulnerabilities** in **Google Looker Studio** that could let attackers run **arbitrary SQL queries** on victims' databases and exfiltrate...
OpenAI Codex Security rolls out as a research-preview vulnerability-finding agent
Security Tool/Service
First: 07.03.2026 18:28
Last: 07.03.2026 18:28
Sources 1
About this happening:
**OpenAI** began rolling out **Codex Security** in **research preview**, adding an AI security agent that can **find, validate, and propose fixes** for vulnerabilities. The rollou...
OpenAI Codex Security rolls out as a research-preview vulnerability-finding agent
Security Tool/ServiceAbout this happening: **OpenAI** began rolling out **Codex Security** in **research preview**, adding an AI security agent that can **find, validate, and propose fixes** for vulnerabilities. The rollou...
Nanobot WhatsApp session hijack security flaw
Vulnerability
First: 16.02.2026 19:32
Last: 16.02.2026 19:32
Sources 1
About this happening:
A **max-severity flaw** in **nanobot** could let **remote attackers** hijack **WhatsApp sessions** on **exposed instances**. The weakness raises the risk of account takeover and s...
Nanobot WhatsApp session hijack security flaw
VulnerabilityAbout this happening: A **max-severity flaw** in **nanobot** could let **remote attackers** hijack **WhatsApp sessions** on **exposed instances**. The weakness raises the risk of account takeover and s...
Timeline
-
06.11.2025 12:00 2 articles · 6mo ago
Tenable discloses seven ChatGPT/SearchGPT weaknesses
Initial DisclosureResearchers disclosed seven weaknesses in OpenAI's ChatGPT and SearchGPT that can be chained to exfiltrate private information from a user's chat history and stored memories, using indirect prompt injection, crafted chat URLs such as https://chatgpt.com/?q={Prompt}, poisoned search results, blog comments, and Bing tracking links to bypass safety filters and sustain access; the issues were reported to OpenAI in April and publicly described on 2025-11-06.
Show sources
- Multiple ChatGPT Security Bugs Allow Rampant Data Theft — www.darkreading.com — 06.11.2025 12:00
- Multiple ChatGPT Security Bugs Allow Rampant Data Theft — www.darkreading.com — 06.11.2025 12:00