CVE-2025-58371
BaseFortify
Publication date: 2025-09-05
Last updated on: 2025-09-15
Assigner: GitHub, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| roocode | roo_code | up to 3.26.7 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Roo Code versions 3.26.6 and below, where a GitHub workflow uses unsanitized pull request metadata in a privileged context. This allows an attacker to craft malicious input that leads to Remote Code Execution (RCE) on the Actions runner. Because the workflow runs with broad permissions and access to repository secrets, the attacker can execute arbitrary commands, push or modify code, access secrets, and create malicious releases or packages, resulting in a complete compromise of the repository and its associated services. The issue is fixed in version 3.26.7.
What immediate steps should I take to mitigate this vulnerability?
Upgrade Roo Code to version 3.26.7 or later, as this version contains the fix for the vulnerability. Avoid using versions 3.26.6 and below. Additionally, review and restrict permissions of GitHub workflows to limit access to repository secrets and privileged contexts.
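A check that could support the workflow review mentioned above, added here as an example (not code from Roo Code or from this page): it flags `run:` scripts that expand pull request metadata through `${{ }}` and leaves alone metadata passed as data through `env:`. The sample workflow is constructed, and the list of attacker-controllable fields and the name `audit_workflow` are assumptions.

```python
import re

# Constructed sample workflow for illustration; not Roo Code's actual file.
SAMPLE_WORKFLOW = """\
on: pull_request_target
jobs:
  triage:
    runs-on: ubuntu-latest
    steps:
      - name: Unsafe, metadata expanded into the script text
        run: |
          echo "PR: ${{ github.event.pull_request.title }}"
      - name: Safer, metadata passed as data through env
        env:
          PR_TITLE: ${{ github.event.pull_request.title }}
        run: echo "PR: $PR_TITLE"
      - run: git checkout "${{ github.head_ref }}"
"""

# PR fields an outside contributor controls (assumed list, extend as needed).
UNTRUSTED = re.compile(
    r"\$\{\{[^}]*\b(github\.event\.pull_request\.(?:title|body|head\.ref|head\.label)"
    r"|github\.head_ref)\b[^}]*\}\}"
)
RUN_KEY = re.compile(r"(-\s+)?run:\s*(.*)")

def audit_workflow(text):
    """Return (line_number, expression) for untrusted PR metadata inside run: scripts."""
    findings = []
    run_col = None  # column of the active `run:` key, None when outside a script
    for lineno, line in enumerate(text.splitlines(), 1):
        body = line.lstrip()
        if not body:
            continue
        indent = len(line) - len(body)
        if run_col is not None and indent <= run_col:
            run_col = None  # dedent: the script block has ended
        if run_col is None:
            key = RUN_KEY.match(body)
            if not key:
                continue  # not shell text (e.g. an env: mapping), so not flagged
            run_col = indent + len(key.group(1) or "")
            body = key.group(2)
        findings += [(lineno, m.group(1)) for m in UNTRUSTED.finditer(body)]
    return findings

if __name__ == "__main__":
    for lineno, expr in audit_workflow(SAMPLE_WORKFLOW):
        print(f"line {lineno}: {expr} is expanded into a shell script")
```

The scanner is line-based and indentation-driven, so it is a review aid for conventionally formatted workflow files rather than a full YAML parser.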
How can this vulnerability impact me?
This vulnerability can lead to a complete compromise of your repository and associated services. An attacker can execute arbitrary commands on the Actions runner, push or modify code in your repository, access sensitive secrets, and create malicious releases or packages. This can result in unauthorized code changes, data breaches, and potentially widespread damage to your software supply chain.