CVE-2025-58371 | RooCodeInc Roo-Code up to 3.26.6 Actions Runner os command injection (GHSA-xr6r-vj48-29f6)

A vulnerability categorized as critical has been discovered in RooCodeInc Roo-Code up to 3.26.6. Affected by this vulnerability is an unknown functionality of the component Actions Runner. Executing manipulation can lead to os command injection.

This vulnerability is registered as CVE-2025-58371. It is possible to launch the attack remotely. No exploit is available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More