Arbitrary Code Execution Vulnerability in Roo Code AI Coding Agent
CVE-2025-58374

7.8HIGH

Key Information:

Vendor: Roocodeinc
Status: Roo-code
Vendor: CVE Published:; 6 September 2025

What is CVE-2025-58374?

The Roo Code AI-powered coding agent featured a significant vulnerability that allowed for arbitrary code execution through the execution of npm install commands. In versions 3.25.23 and earlier, the agent had a default list of approved commands, which, when auto-approve was enabled, bypassed user confirmation. This lack of manual oversight meant that if a user opened a repository containing a malicious package.json with a harmful postinstall script, that script would be executed automatically. The issue has been addressed in version 3.26.0, emphasizing the importance of updating to ensure safety against such potential exploits.

Affected Version(s)

Roo-Code < 3.26.0

References

https://github.com/RooCodeInc/Roo-Code/security/advisorie...

x_refsource_CONFIRM

https://github.com/RooCodeInc/Roo-Code/pull/7390/files

x_refsource_MISC

https://github.com/RooCodeInc/Roo-Code/releases/tag/v3.26.0

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 6, 2025
Vulnerability Reserved
Aug 29, 2025

Roocodeinc

What is CVE-2025-58374?

Affected Version(s)

References

CVSS V3.1

Timeline