ZDI-CAN-29475
HIGH 8.6
Upcoming
Feb 24, 2026
OpenAI
OpenAI, the artificial intelligence company behind ChatGPT and related AI services, is affected by a high-severity vulnerability (CVSS 8.6). Exploitation requires local access and user interaction but no authentication, and the changed scope in the CVSS vector (S:C) means a successful attack can compromise confidentiality, integrity, and availability beyond the vulnerable component itself. The vulnerability was reported in February 2026 with a vendor deadline of June 2026. Security teams should monitor for patches from OpenAI and consider restricting local access to affected systems until remediation is available.
Advisory Details
Researcher: Peter Girnus (@gothburz), Demeng Chen (@DemengChen233), Project AESIR with TrendAI Zero Day Initiative
Reported: February 24, 2026
Deadline: June 24, 2026 (69d)
CVSS Vector: AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H