ChatGPT Data Leakage Via a Hidden Outbound Channel in the Code Execution Runtime

Check Point Research discovered a hidden outbound communication channel in ChatGPT's isolated code execution runtime that could silently exfiltrate sensitive user data without approval or notification. This vulnerability allowed a malicious prompt or backdoored GPT to leak user messages, uploaded files, and even establish remote shell access via DNS tunneling, bypassing OpenAI's intended safeguards designed to restrict external data transfer. OpenAI confirmed the issue and deployed a fix, highlighting the importance of securing all communication paths in AI systems that handle sensitive information.

https://research.checkpoint.com/2026/chatgpt-data-leakage-via-a-hidden-outbound-channel-in-the-code-execution-runtime/

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top