CVE-2025-58370 | RooCodeInc Roo-Code up to 3.25.x Bash Parameter Expansion os command injection (GHSA-2rm5-cvcm-7592)

A vulnerability was found in RooCodeInc Roo-Code up to 3.25.x and classified as critical. Affected is an unknown function of the component Bash Parameter Expansion. Such manipulation leads to os command injection.

This vulnerability is referenced as CVE-2025-58370. It is possible to launch the attack remotely. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More