CVE-2025-58437 | Coder up to 2.24.3/2.25.1 session expiration (GHSA-j6xf-jwrj-v5qp)

September 6, 2025 Yanac

A vulnerability classified as critical was found in Coder up to 2.24.3/2.25.1. The affected element is an unknown function. Executing manipulation can lead to session expiration.

This vulnerability is handled as CVE-2025-58437. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More

CVE-2025-58374 | RooCodeInc Roo-Code up to 3.25.x package.json os command injection (GHSA-c292-qxq4-4p2v)
CVE-2025-58372 | RooCodeInc Roo-Code up to 3.25.x code-workspace File permission assignment (GHSA-4pqh-4ggm-jfmm)