CVE-2025-58373

Roo Code: Symlink-bypass of .rooignore can lead to unintended file disclosure

CVSS 5.5 MEDIUMEPSS 0.3%CWE-59

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 5.5EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

05 Sep 2025Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Roo Code is an AI-powered autonomous coding agent that lives in users' editors. Versions 3.25.23 and below contain a vulnerability where .rooignore protections could be bypassed using symlinks. This allows an attacker with write access to the workspace to trick the extension into reading files that were intended to be excluded. As a result, sensitive files such as .env or configuration files could be exposed. An attacker able to modify files within the workspace could gain unauthorized access to sensitive information by bypassing .rooignore rules. This could include secrets, configuration details, or other excluded project data. This is fixed in version 3.26.0.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected products

RooCodeInc · Roo-Code

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/RooCodeInc/Roo-Code/pull/7405 https://github.com/RooCodeInc/Roo-Code/releases/tag/v3.26.0 https://github.com/RooCodeInc/Roo-Code/security/advisories/GHSA-p76r-7mc3-qh7c