CVE-2025-58374
BaseFortify
Publication date: 2025-09-06
Last updated on: 2025-09-15
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| roocode | roo_code | to 3.26.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Roo Code versions 3.25.23 and below, where a default list of allowed commands can be auto-approved without manual user approval if auto-approve is enabled. The command 'npm install' is included in this list, and since 'npm install' executes lifecycle scripts, a malicious postinstall script in a repository's package.json file could be executed automatically without user approval. This can lead to arbitrary code execution when opening a malicious repository.
How can this vulnerability impact me? :
If you enable auto-approved commands and open a malicious repository, this vulnerability could allow arbitrary code execution on your system without your explicit approval. This means an attacker could run malicious scripts on your machine, potentially leading to system compromise, data loss, or unauthorized access.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately upgrade Roo Code to version 3.26.0 or later, which fixes the issue. Additionally, disable the auto-approve feature for commands, especially for 'npm install', to prevent automatic execution of potentially malicious lifecycle scripts when opening repositories.