ChatGPT Data Leakage via a Hidden Outbound Channel in the Code Execution Runtime

Check Point Research disclosed a vulnerability in ChatGPT’s isolated code-execution/runtime environment that could be triggered by a single malicious prompt or backdoored GPT to silently exfiltrate user messages and uploaded files via DNS tunneling and to create a bidirectional channel enabling remote shell access; multiple PoCs demonstrated data theft of sensitive content and remote command execution, and OpenAI confirmed and fully deployed a fix on 2026-02-20.