Post

OpenAI Patches ChatGPT Flaw That Smuggled Data Over DNS

Posted
By ictsec.pl
1 min read
OpenAI Patches ChatGPT Flaw That Smuggled Data Over DNS

OpenAI Patches ChatGPT Flaw That Smuggled Data Over DNS 🚀

OpenAI has been vocal about its commitment to data security for its AI services. However, a recent report from Check Point reveals that ChatGPT had a significant flaw that allowed data to leak through a DNS side channel before it was patched. In February 2026, OpenAI addressed a data exfiltration vulnerability in ChatGPT that enabled a single prompt to bypass the safeguards that were in place.

Researchers from Check Point stated, “We found that a single malicious prompt could activate a hidden exfiltration channel inside a regular ChatGPT conversation.”

OpenAI has implemented various safeguards around ChatGPT to limit data exfiltration. For instance, the company asserts that “The ChatGPT code execution environment is unable to generate outbound network requests directly.” However, Check Point’s findings suggest that this was not entirely accurate. The vulnerability allowed information to be transmitted to an external server through a side channel originating from the container used by ChatGPT for code execution and data analysis.

The side channel in question was the Domain Name System (DNS), which resolves domain names into IP addresses. While OpenAI prevents ChatGPT from communicating with the internet without authorization, it lacked controls on data smuggled via DNS.

Check Point created three proof-of-concept attacks demonstrating how this side channel could be exploited. One example involved a third-party app implementing ChatGPT APIs, serving as a personal health analyst. In this demonstration, a user uploaded a PDF containing laboratory results and personal information for the GPT to interpret. When asked whether it had uploaded the data, ChatGPT confidently replied that it had not, stating that the file was only stored in a secure internal location. Nevertheless, the GPT app transmitted the data to a remote server controlled by the attacker.

Flaws like this raise serious concerns for regulated industries deploying AI services. If a corporate AI service were to leak such data, it could lead to GDPR violations, HIPAA breaches, or conflicts with various financial compliance rules. OpenAI is reported to have resolved this particular issue on February 20, 2026.

For more details, check out the full article: Read full article

TECHNOLOGY
OPENAI CHATGPT DNS SECURITY VULNERABILITY
This post is licensed under CC BY 4.0 by the author.