Symlink Bypass in Roo Code – AI-Powered Coding Agent
CVE-2025-58373

5.5MEDIUM

Key Information:

Vendor: Roocodeinc
Status: Roo-code
Vendor: CVE Published:; 5 September 2025

What is CVE-2025-58373?

Roo Code, an AI-powered autonomous coding agent integrated with user editors, has a vulnerability found in versions 3.25.23 and earlier. This security flaw allows an attacker with write permissions to exploit symlinks, bypassing the .rooignore file protections. Consequently, sensitive files such as .env or other critical configuration files, which should remain undisclosed, can be exposed. Attackers may gain unauthorized access to essential project data by manipulating files within the workspace. The issue has been addressed in version 3.26.0, emphasizing the importance of updating to remain secure.

Affected Version(s)

Roo-Code < 3.26.0

References

https://github.com/RooCodeInc/Roo-Code/security/advisorie...

x_refsource_CONFIRM

https://github.com/RooCodeInc/Roo-Code/pull/7405

x_refsource_MISC

https://github.com/RooCodeInc/Roo-Code/releases/tag/v3.26.0

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 5, 2025
Vulnerability Reserved
Aug 29, 2025

Roocodeinc

What is CVE-2025-58373?

Affected Version(s)

References

CVSS V3.1

Timeline