Code Execution Vulnerability in Roo Code AI Agent
CVE-2025-53536

8.1 HIGH

Key Information:

Vendor

Roocodeinc

Status
Vendor
CVE Published:
7 July 2025

What is CVE-2025-53536?

The Roo Code AI-powered autonomous coding agent prior to version 3.22.6 contains a vulnerability that allows attackers to execute arbitrary code. The attack works when the victim has the 'Write' auto-approval feature enabled: an attacker who can get prompts in front of the agent can have it modify VS Code settings files without a human approving the write. For instance, the attacker could alter the php.validate.executablePath setting, replacing it with a path to an arbitrary command, and then create a malicious PHP file that causes VS Code to invoke that command. The vulnerability is fixed in version 3.22.6.
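As an added defensive example (not code from the advisory or from the Roo Code project), the following Python scans a workspace settings file for executable-path keys, such as the php.validate.executablePath setting named above, whose value points somewhere an extension should not be launching an interpreter from. The trusted-directory allowlist and the treatment of every '*executablePath' key alike are assumptions, and the sample settings are constructed.

```python
import json
from pathlib import PurePosixPath, PureWindowsPath

# Directories an interpreter is normally launched from (assumed allowlist; adjust per fleet).
TRUSTED_PREFIXES = ("/usr/bin/", "/usr/local/bin/", "/opt/", "C:\\Program Files\\")

def is_executable_key(key: str) -> bool:
    """php.validate.executablePath is the key named in the advisory; treating every
    '*executablePath' key the same way is an assumed generalisation."""
    return key.lower().endswith("executablepath")

def is_absolute(path: str) -> bool:
    # Accept either POSIX or Windows absolute forms, whatever host the scan runs on.
    return PurePosixPath(path).is_absolute() or PureWindowsPath(path).is_absolute()

def flag_settings(settings_json: str, workspace_dir: str) -> list:
    """Return (key, value, reason) for executable-path settings that point somewhere
    unexpected. Assumes plain JSON; VS Code settings may also contain comments (JSONC)."""
    settings = json.loads(settings_json)
    workspace = workspace_dir.replace("\\", "/").rstrip("/") + "/"
    findings = []
    for key, value in settings.items():
        if not is_executable_key(key) or not isinstance(value, str):
            continue
        normalised = value.replace("\\", "/")
        if not is_absolute(value):
            # A relative path resolves inside the workspace, i.e. to attacker-writable files.
            findings.append((key, value, "relative path; resolves inside the workspace"))
        elif normalised.startswith(workspace):
            findings.append((key, value, "points into the workspace itself"))
        elif not value.startswith(TRUSTED_PREFIXES):
            findings.append((key, value, "outside trusted interpreter directories"))
    return findings

# Constructed sample of a workspace .vscode/settings.json after an unwanted edit.
SAMPLE_SETTINGS = """{
  "editor.tabSize": 2,
  "php.validate.enable": true,
  "php.validate.executablePath": "./scripts/php"
}"""

if __name__ == "__main__":
    for key, value, reason in flag_settings(SAMPLE_SETTINGS, "/home/dev/project"):
        print(f"{key} = {value!r}: {reason}")
```

Running this over the .vscode/settings.json of repositories an agent is allowed to write to gives a cheap check that a settings edit has not redirected an interpreter path.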

Affected Version(s)

Roo-Code < 3.22.6

References

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
