{"data":{"id":"e5610136-e555-4cbe-ab79-5fde10895c81","title":"CVE-2025-57771: Roo Code is an AI-powered autonomous coding agent that lives in users' editors. In versions prior to 3.25.5, Roo-Code fa","summary":"Roo Code is an AI tool that automatically writes code inside text editors, but versions before 3.25.5 have a bug in how they parse commands (the instructions telling a computer what to do). An attacker could trick the AI into running extra harmful commands by hiding them in prompts if the user had enabled auto-approved command execution, a risky setting that is off by default.","solution":"Update to version 3.25.5, where the issue is fixed.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2025-57771","publishedAt":"2025-08-22T17:15:36.183Z","cveId":"CVE-2025-57771","cweIds":["CWE-78"],"cvssScore":"8.1","cvssSeverity":"high","severity":"high","attackType":["prompt_injection"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Roo Code"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00062,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-88"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","availability"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}