CVE-2025-58370
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-05

Last updated on: 2025-09-10

Assigner: GitHub, Inc.

Description
Roo Code is an AI-powered autonomous coding agent that lives in users' editors. Versions below 3.26.0 contain a vulnerability in the command parsing logic where the Bash parameter expansion and indirect reference were not handled correctly. If the agent was configured to auto-approve execution of certain commands, an attacker able to influence prompts could abuse this weakness to execute additional arbitrary commands alongside the intended one. This is fixed in version 3.26.0.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-05
Last Modified
2025-09-10
Generated
2026-06-16
AI Q&A
2025-09-06
EPSS Evaluated
2026-06-15
NVD
CVE-2025-58370
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
roocode roo_code to 3.26.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in Roo Code versions below 3.26.0 in the command parsing logic. Specifically, the Bash parameter expansion and indirect reference were not handled correctly. If the agent was set to auto-approve execution of certain commands, an attacker who could influence prompts could exploit this flaw to execute additional arbitrary commands alongside the intended command.

Impact Analysis

An attacker exploiting this vulnerability could execute arbitrary commands on your system without your consent, potentially leading to unauthorized access, data compromise, or disruption of services. Since the vulnerability allows command execution with high impact on confidentiality, integrity, and availability, it poses a serious security risk.

Mitigation Strategies

Upgrade Roo Code to version 3.26.0 or later, as this version contains the fix for the command parsing vulnerability. Additionally, review and disable any auto-approval settings for command execution to prevent abuse of this weakness.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-58370. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart