16 matches found

GitHub Security Blog
added 2026/03/06 4:43 p.m. · 9 views

GitHub Copilot CLI Dangerous Shell Expansion Patterns Enable Arbitrary Code Execution

Summary A security vulnerability has been identified in GitHub Copilot CLI's shell tool that could allow arbitrary code execution through crafted bash parameter expansion patterns. An attacker who can influence the commands executed by the agent e.g., via prompt injection through repository files...

CVSS 7.8 · AI score 6.3 · EPSS 0.00363
Exploits 1 · References 4 · Affected Software 1

EUVD
added 2025/10/03 8:7 p.m. · 6 views

EUVD-2025-25612

Malicious code in bioql PyPI...

CVSS 8.1 · AI score 6.5 · EPSS 0.00703
Exploits 0 · References 2

RedhatCVE
added 2025/08/24 5:25 p.m. · 5 views

CVE-2025-57771

Roo Code is an AI-powered autonomous coding agent that lives in users' editors. In versions prior to 3.25.5, Roo-Code fails to properly handle process substitution and single ampersand characters in the command parsing logic for auto-execute commands. If a user has enabled auto-approved execution...

CVSS 8.1 · AI score 8.1 · EPSS 0.00703
Exploits 0 · References 1

NVD
added 2025/08/22 5:15 p.m. · 2 views

CVE-2025-57771

Roo Code is an AI-powered autonomous coding agent that lives in users' editors. In versions prior to 3.25.5, Roo-Code fails to properly handle process substitution and single ampersand characters in the command parsing logic for auto-execute commands. If a user has enabled auto-approved execution...

CVSS 8.1 · EPSS 0.00703
Exploits 0 · References 2

OSV
added 2025/08/22 4:35 p.m. · 7 views

CVE-2025-57771 Roo-Code potential remote code execution via auto-execute command parsing flaw

Roo Code is an AI-powered autonomous coding agent that lives in users' editors. In versions prior to 3.25.5, Roo-Code fails to properly handle process substitution and single ampersand characters in the command parsing logic for auto-execute commands. If a user has enabled auto-approved execution...

CVSS 8.1 · AI score 7.7 · EPSS 0.00703
Exploits 0 · References 4

Cvelist
added 2025/08/22 4:35 p.m. · 11 views

CVE-2025-57771 Roo-Code potential remote code execution via auto-execute command parsing flaw

Roo Code is an AI-powered autonomous coding agent that lives in users' editors. In versions prior to 3.25.5, Roo-Code fails to properly handle process substitution and single ampersand characters in the command parsing logic for auto-execute commands. If a user has enabled auto-approved execution...

CVSS 8.1 · EPSS 0.00703
Exploits 0 · References 2

CVE
added 2025/08/22 4:35 p.m. · 15 views

CVE-2025-57771

CVE-2025-57771 affects Roo Code prior to 3.25.5. The flaw lies in the command parsing for auto-execute commands, where process substitution and single ampersand handling can be bypassed, allowing an attacker who can submit crafted prompts to cause arbitrary commands to run alongside the intended ...

CVSS 8.1 · AI score 7.4 · EPSS 0.00703
Exploits 0 · References 2

Positive Technologies
added 2025/08/22 12:0 a.m. · 3 views

PT-2025-34449 · Robocode · Robocode

Name of the Vulnerable Software and Affected Versions: Roo Code versions prior to 3.25.5 Description: Roo Code, an AI-powered autonomous coding agent, does not correctly process process substitution and single ampersand characters within its command parsing logic for auto-execute commands. If a...

CVSS 8.1 · AI score 8.3 · EPSS 0.00703
Exploits 0 · References 7

Veracode
added 2019/05/02 5:41 a.m. · 27 views

Use-After-Free

Wireshark, previously known as Ethereal, is a network protocol analyzer, which is used to capture and browse the traffic running on a computer network. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or...

CVSS 5 · AI score 5.4 · EPSS 0.046
Exploits 0 · References 16 · Affected Software 1

Veracode
added 2019/05/02 5:41 a.m. · 29 views

Buffer Underflow

Wireshark, previously known as Ethereal, is a network protocol analyzer, which is used to capture and browse the traffic running on a computer network. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or...

CVSS 5 · AI score 5.4 · EPSS 0.046
Exploits 0 · References 15 · Affected Software 1

Veracode
added 2019/05/02 5:41 a.m. · 55 views

Stack-Based Buffer Overflow

Wireshark, previously known as Ethereal, is a network protocol analyzer, which is used to capture and browse the traffic running on a computer network. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or...

CVSS 5 · AI score 5.4 · EPSS 0.046
Exploits 0 · References 16 · Affected Software 1

Tenable Nessus
added 2015/08/04 12:0 a.m. · 42 views

Scientific Linux Security Update : wireshark on SL6.x i386/x86_64 (20150722)

Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. CVE-2014-8714, CVE-2014-8712, CVE-2014-8713, CVE-2014-8711, CVE-2014-8710, CVE-2015-0562, CVE-2015-0564, CVE-2015-2189,...

CVSS 5 · AI score 6 · EPSS 0.046
Exploits 0 · References 10

Cent OS
added 2015/07/26 2:12 p.m. · 77 views

wireshark security update

CentOS Errata and Security Advisory CESA-2015:1460 Updated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common...

CVSS 5 · AI score 6.2 · EPSS 0.046
Exploits 0 · References 7

OpenVAS
added 2015/07/23 12:0 a.m. · 34 views

RedHat Update for wireshark RHSA-2015:1460-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5 · AI score 6.2 · EPSS 0.046
Exploits 0 · References 2

Tenable Nessus
added 2015/07/23 12:0 a.m. · 39 views

RHEL 6 : wireshark (RHSA-2015:1460)

Updated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which...

CVSS 5 · AI score 6.1 · EPSS 0.046
Exploits 0 · References 19

RedHat Linux
added 2015/07/21 10:14 a.m. · 41 views

Moderate: Red Hat Security Advisory: wireshark security, bug fix, and enhancement update

Updated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which...

CVSS 5 · AI score 6.2 · EPSS 0.046
Exploits 0 · References 9