Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

Tenable's ChatGPT prompt-injection and url_safe bypass analysis

Technical Analysis
First reported
Last updated
Happening score
H score 16
1 unique sources, 1 articles

Summary

Hide ▲

Tenable uncovered seven ChatGPT vulnerabilities that let attackers drive prompt injection, phishing redirects, and memories/chat history exfiltration through SearchGPT and url_safe, creating direct data-theft risk in chatbot workflows.

Related Happenings

ChatGPT and Claude phishing and malvertising campaign

Campaign
First: 01.06.2026 12:30 Last: 01.06.2026 12:30 Sources 1

About this happening: The **ChatGPT**- and **Claude**-themed **phishing and malvertising campaign** is actively steering users to fake download pages that can deliver malware. Attackers are using **Goo...

Open Happening

LLMShare ChatGPT share-link malware lure campaign

Campaign
First: 29.05.2026 21:21 Last: 29.05.2026 21:21 Sources 1

About this happening: The **LLMShare** campaign is using **Google ads** and a legitimate **chatgpt.com** shared page to route people searching for **ChatGPT** into a fake **OpenAI outage** lure that pu...

Open Happening

OpenAI ChatGPT renderer Markdown link/image phishing security flaw

Vulnerability
First: 29.05.2026 21:07 Last: 29.05.2026 21:07 Sources 1

About this happening: **ChatGPT** has a **response-renderer vulnerability** that turns summarized third-party pages into **live phishing links** and auto-fetched **attacker-hosted images** inside the t...

Open Happening

ChatGPT single-prompt DNS side-channel exfiltration remote code execution flaw

Vulnerability
First: 31.03.2026 16:01 Last: 31.03.2026 16:01 Sources 1

About this happening: A **ChatGPT** vulnerability let a **single malicious prompt** covertly exfiltrate prompts, messages, uploaded files, and other sensitive content through a **DNS side channel**. Th...

Open Happening

OpenAI ChatGPT security update for prompt exfiltration flaw

Security Patch Release
First: 31.03.2026 16:01 Last: 31.03.2026 16:01 Sources 1

About this happening: OpenAI deployed a **security update** for **ChatGPT** on **February 20**, closing a flaw that could let a **single malicious prompt** covertly exfiltrate **prompts, messages, uplo...

Open Happening

Timeline

  1. 06.11.2025 17:49 2 articles · 6mo ago

    Tenable discloses seven ChatGPT prompt-injection and url_safe bypass paths

    Technical Analysis Update

    Tenable researchers disclosed seven ChatGPT vulnerabilities and attack techniques affecting the bio feature, SearchGPT/open_url browsing, and the url_safe check. The findings describe prompt injection through webpage content and comments, execution of crafted chatgpt.com/?q={prompt} links, Bing intermediary URLs that bypass url_safe, conversation injection back into ChatGPT, and code-block hiding to conceal malicious output, with claimed risks including data theft, phishing redirects, and exfiltration of memories and chat history. OpenAI was informed, some issues were patched, and some methods still worked against the latest GPT-5 model.

    Show sources
    Open in new tab