8 matches found
openshell-sandbox-poc
OpenShell + Kata Containers: Dual-Protection PoC A proof-of-c...
PT-2025-47816
Name of the Vulnerable Software and Affected Versions Roo Code versions prior to 3.26.7 Description Roo Code, an AI-powered autonomous coding agent, had a validation error that allowed it to automatically execute commands not on the approved list of prefixes. This occurred in versions before...
EUVD-2025-22473
Malicious code in bioql PyPI...
EUVD-2025-20299
Malicious code in bioql PyPI...
EUVD-2025-19434
Malicious code in bioql PyPI...
PT-2025-30619 · Robocode · Robocode
Name of the Vulnerable Software and Affected Versions: Roo Code versions 3.23.18 and below Description: Roo Code, an AI-powered autonomous coding agent, does not validate line breaks in its command input. This bypasses the allow-list mechanism due to a lack of parsing or validation logic,...
CVE-2025-53536
Roo Code is an AI-powered autonomous coding agent. Prior to 3.22.6, if the victim had "Write" auto-approved, an attacker with the ability to submit prompts to the agent could write to VS Code settings files and trigger code execution. There were multiple ways to achieve that. One example is with...
CVE-2025-53536
Roo Code (AI-powered autonomous coding agent) prior to version 3.22.6 is affected. If a victim had the Write auto-approved mode, an attacker who can submit prompts could write to VS Code settings files and trigger code execution. A concrete example is the php.validate.executablePath setting, wher...