CVE-2025-58373 is a medium-severity vulnerability affecting RooCodeInc's Roo-Code product, versions prior to 3.26.0. Roo-Code is an AI-powered autonomous coding agent integrated into users' code editors to assist with development tasks. The vulnerability stems from improper link resolution before file access, classified under CWE-59 (Improper Link Resolution Before File Access, also known as 'Link Following'). Specifically, the issue allows an attacker who has write access to the user's workspace to bypass the protections enforced by the .rooignore file. The .rooignore file is intended to exclude certain files or directories from being read or processed by the extension, typically to protect sensitive files such as environment configuration files (.env) or other confidential project data. By creating symbolic links (symlinks) that point to these excluded files, an attacker can trick the Roo-Code extension into reading and potentially exposing sensitive information that should have been ignored. This bypass occurs because the extension does not properly resolve or validate symlinks before accessing files, leading to unintended file disclosure. The vulnerability requires the attacker to have write permissions within the user's workspace, which means the attacker must already have some level of access to the development environment or source code repository. Exploitation also requires user interaction, as the extension reads files during normal operation. The vulnerability does not affect the integrity or availability of the system but poses a high confidentiality risk by potentially exposing secrets, configuration details, or other sensitive data. The issue was fixed in version 3.26.0 of Roo-Code. The CVSS v3.1 score is 5.5 (medium severity), reflecting the local attack vector, low complexity, no privileges required, but user interaction needed, and a high impact on confidentiality only.

For European organizations, this vulnerability can lead to unauthorized disclosure of sensitive information such as API keys, database credentials, or proprietary configuration details stored in excluded files within development environments. Since Roo-Code is integrated into developers' editors, exploitation could compromise the confidentiality of source code and secrets during the development lifecycle, potentially leading to further attacks such as supply chain compromises or unauthorized access to production systems. Organizations with collaborative development environments or those that allow multiple users write access to shared workspaces are particularly at risk. The exposure of secrets could violate data protection regulations such as GDPR if personal data or credentials are leaked, leading to legal and reputational consequences. Additionally, organizations relying on Roo-Code for AI-assisted coding may face delays or disruptions if they need to urgently patch or upgrade affected versions. Although the vulnerability requires local write access and user interaction, insider threats or compromised developer machines could exploit this flaw to escalate data exposure risks.

1. Upgrade Roo-Code to version 3.26.0 or later immediately to apply the official fix that properly handles symlink resolution and enforces .rooignore protections. 2. Restrict write permissions in development workspaces to trusted users only, minimizing the risk of malicious symlink creation. 3. Implement strict access controls and monitoring on source code repositories and developer environments to detect unauthorized file modifications or suspicious symlink usage. 4. Educate developers about the risks of symlink attacks and encourage regular review of .rooignore and similar exclusion files to ensure sensitive files are properly protected. 5. Use additional secret management tools that do not rely solely on file-based exclusions to safeguard sensitive credentials outside of the development environment. 6. Employ endpoint security solutions capable of detecting anomalous file system activities, including symlink creation and access patterns. 7. Conduct regular security audits and code reviews focusing on file access patterns and extension/plugin behaviors within development tools.