CVE-2025-58372: Roo Code is an AI-powered autonomous coding agent that lives in users' editors. Versions 3.25.23 and below contain a vul
highvulnerability
security
Summary
Roo Code is an AI tool that automatically writes code in your editor, but versions 3.25.23 and earlier have a security flaw where workspace configuration files (.code-workspace files that store project settings) aren't properly protected. An attacker using prompt injection (tricking the AI by hiding malicious instructions in its input) could trick the agent into writing harmful settings that execute as code when you reopen your project, potentially giving the attacker control of your computer.
Solution / Mitigation
Update to version 3.26.0 or later, which fixes this issue.
Vulnerability Details
CVSS Score
8.1(high)
EPSS (30-day exploit probability)
EPSS: 0.1%
Classification
Attack Type
Prompt Injection
Attack SophisticationModerate
Impact (CIA+S)
integrityavailability
Affected Vendors
Related Issues
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-58372
First tracked: February 15, 2026 at 08:52 PM
Classified by LLM (prompt v3) · confidence: 92%