CVE-2025-58374 Roo Code: Auto-approve allows npm install execution of malicious postinstall scripts

Roo Code is an AI-powered autonomous coding agent that lives in users' editors. Versions 3.25.23 and below contain a default list of allowed commands that do not need manual approval if auto-approve is enabled, and npm install is included in that list. Because npm install executes lifecycle...

PT-2022-34420 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.256 Description: A potential use after free issue has been identified. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to v4.19.256,...