CVE-2025-58373

5.5 MEDIUM

📋 TL;DR

In Roo Code 3.25.23 and below the .rooignore check is applied to the path as it was requested rather than to the file that path actually resolves to. An attacker who can write into the workspace can therefore create a symbolic link with an innocuous name that points at an excluded file, such as .env or a configuration file, and have its contents read into AI processing despite the exclusion. Users who rely on .rooignore to keep sensitive data out of AI processing are affected.

💻 Affected Systems

Products:
  • Roo Code
Versions: 3.25.23 and below
Operating Systems: All platforms supporting symbolic links
Default Config Vulnerable: ⚠️ Yes
Notes: Requires attacker write access to workspace; affects users relying on .rooignore for sensitive file exclusion.

📦 What is this software?

Roo Code is an AI coding-assistant extension for VS Code and compatible editors. It reads files from the open workspace to build context for the model; a gitignore-style .rooignore file in the workspace root lists the paths that must be kept out of that processing, which is the protection this vulnerability bypasses.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers gain access to sensitive secrets, API keys, database credentials, or proprietary code that was intended to be excluded, leading to data breaches, unauthorized system access, or intellectual property theft.

🟠

Likely Case

Exposure of development environment secrets or configuration files that could be used for further attacks or reconnaissance within the development pipeline.

🟢

If Mitigated

Limited exposure of non-critical files or detection of exploitation attempts through monitoring, with minimal impact due to proper access controls.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires the ability to place files in a Roo Code workspace and knowledge of how to create a symbolic link. Note that "write access" includes content the user checks out into the workspace, since Git and similar version-control systems preserve symbolic links. No public exploit is known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.26.0

Vendor Advisory: https://github.com/RooCodeInc/Roo-Code/security/advisories/GHSA-p76r-7mc3-qh7c

Restart Required: No

Instructions:

1. Update the Roo Code extension in your editor.
2. For VS Code: open the Extensions view, find Roo Code, click Update.
3. For other editors: follow that editor's extension update process.
4. Verify that the installed version is 3.26.0 or higher.

🔧 Temporary Workarounds

Restrict workspace write access

all

Limit write permissions to trusted users only to prevent symlink creation.

Monitor for symlink creation

all

Implement file system monitoring to detect suspicious symlink creation in workspaces.

🧯 If You Can't Patch

  • Remove write access for untrusted users from Roo Code workspaces.
  • Move sensitive files outside of Roo Code workspace directories entirely.

🔍 How to Verify

Check if Vulnerable:

Check Roo Code version in editor extensions; if version is 3.25.23 or below, you are vulnerable.

Check Version:

In VS Code: Extensions sidebar > Roo Code > check the version; or run 'code --list-extensions --show-versions | grep -i roo' in a terminal.

Verify Fix Applied:

Confirm Roo Code version is 3.26.0 or higher after update.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected file reads by the editor's extension-host process (Roo Code runs inside the VS Code extension host, not as a separate roo-code process), in particular reads of files listed in .rooignore
  • Creation of symbolic links in workspace directories, especially links whose target is a .rooignore-listed file or a path outside the workspace

Network Indicators:

  • None - this is a local file system vulnerability

SIEM Query:

Process:roo-code AND (FileAccess:*.env OR FileAccess:*config* OR FileCreate:Symlink)

Pseudo-syntax; map the field names to your SIEM's schema. Because the extension runs inside the VS Code extension host, filter on that process (on Linux typically the editor binary started with --type=extensionHost) rather than on a process named roo-code, and correlate symlink creation in the workspace with subsequent reads of the link by that process.

🔗 References

  • Vendor advisory (GitHub Security Advisory): https://github.com/RooCodeInc/Roo-Code/security/advisories/GHSA-p76r-7mc3-qh7c
  • NVD record: https://nvd.nist.gov/vuln/detail/CVE-2025-58373
