CVE-2025-58374 - Roo Code: Auto-approve allows npm install execution of malicious postinstall scripts
CVE ID : CVE-2025-58374
Published : Sept. 6, 2025, 2:19 a.m. | 20 minutes ago
Description : Roo Code is an AI-powered autonomous coding agent that lives in users' editors. Versions 3.25.23 and below contain a default list of allowed commands that do not need manual approval if auto-approve is enabled, and npm install is included in that list. Because npm install executes lifecycle scripts, if a repository’s package.json file contains a malicious postinstall script, it would be executed automatically without user approval. This means that enabling auto-approved commands and opening a malicious repo could result in arbitrary code execution. This is fixed in version 3.26.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : Sept. 6, 2025, 2:19 a.m. | 20 minutes ago
Description : Roo Code is an AI-powered autonomous coding agent that lives in users' editors. Versions 3.25.23 and below contain a default list of allowed commands that do not need manual approval if auto-approve is enabled, and npm install is included in that list. Because npm install executes lifecycle scripts, if a repository’s package.json file contains a malicious postinstall script, it would be executed automatically without user approval. This means that enabling auto-approved commands and opening a malicious repo could result in arbitrary code execution. This is fixed in version 3.26.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...