Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

RooCodeInc — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting RooCodeInc. AI-powered Chinese analysis, POCs, and references for each vulnerability.

RooCodeInc develops web application frameworks primarily used for building enterprise content management systems. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, with 11 CVEs documented. Security researchers have consistently identified authentication bypass issues and insecure default configurations in their offerings. While no major public breaches have been directly attributed to their vulnerabilities, the prevalence of RCE flaws in their core components presents significant risks for deployed instances. Their codebase often lacks proper input validation and sanitization, leading to persistent security challenges across multiple versions.

Found 11 results / 11Clear Filters
Top products by RooCodeInc: Roo-Code
CVE IDTitleCVSSSeverityPublished
CVE-2025-65946 Roo Code is Vulnerable to Potential Remote Code Execution via zsh Command Validation Bug — Roo-CodeCWE-77 8.1 High2025-11-21
CVE-2025-58374 Roo Code: Auto-approve allows npm install execution of malicious postinstall scripts — Roo-CodeCWE-78 7.8 High2025-09-06
CVE-2025-58373 Roo Code: Symlink-bypass of .rooignore can lead to unintended file disclosure — Roo-CodeCWE-59 5.5 Medium2025-09-05
CVE-2025-58372 Roo Code: Potential Remote Code Execution via .code-workspace — Roo-CodeCWE-732 8.1 High2025-09-05
CVE-2025-58371 Roo Code is vulnerable to command injection via GitHub actions workflow — Roo-CodeCWE-78 8.8AIHighAI2025-09-05
CVE-2025-58370 Roo Code: Potential Remote Code Execution via Bash Parameter Expansion and Indirect Reference — Roo-CodeCWE-78 8.1 High2025-09-05
CVE-2025-57771 Roo-Code potential remote code execution via auto-execute command parsing flaw — Roo-CodeCWE-78 8.1 High2025-08-22
CVE-2025-54377 Roo Code Lacks Line Break Validation in its Command Execution Tool — Roo-CodeCWE-77 7.8 High2025-07-23
CVE-2025-53536 Roo Code allows Potential Remote Code Execution via .vscode/settings.json — Roo-CodeCWE-552 8.1 High2025-07-07
CVE-2025-53098 Roo Code Vulnerable to Potential Remote Code Execution via Model Context Protocol — Roo-CodeCWE-77 8.1 High2025-06-27
CVE-2025-53097 Roo Code extension vulnerable to Potential Information Leakage via JSON Schema — Roo-CodeCWE-74 5.9 Medium2025-06-27

This page lists every published CVE security advisory associated with RooCodeInc. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.