PT-2025-28241 · Robocode+1

Maccarita · Published 2025-07-07 · Updated 2025-07-07 · CVE-2025-53536

CVSS v3.1: 8.1 (High)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Roo Code versions prior to 3.22.6
Description: Roo Code is an AI-powered autonomous coding agent. If the victim had "Write" actions auto-approved, an attacker able to submit prompts to the agent could write to VS Code settings files and trigger code execution. One example is the php.validate.executablePath setting, which sets the path of the PHP executable that VS Code runs for syntax validation. The attacker could write the path of an arbitrary command there and then create a PHP file to trigger it.
Recommendations: For versions prior to 3.22.6, update to version 3.22.6 to resolve the issue. As a temporary workaround, consider disabling the "Write" auto-approve feature until the update is applied. Restrict access to the php.validate.executablePath setting to minimize the risk of exploitation, and avoid using the php.validate.executablePath setting in VS Code settings files until the issue is resolved.
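As an added defender-side example (not part of this advisory or of Roo Code), the following audit parses VS Code settings files, including the comments and trailing commas VS Code permits, and flags php.validate.executablePath whenever it points anywhere other than an allow-listed PHP interpreter; the allowlist and the two sample settings files are constructed assumptions.

```python
import json
import re

# Setting named in the advisory: VS Code launches this binary to validate PHP files,
# so anything that can write settings.json can point it at an arbitrary command.
SENSITIVE_KEY = "php.validate.executablePath"
# Constructed allowlist (assumption): where this fleet expects its PHP interpreter.
EXPECTED_PHP_PATHS = {"/usr/bin/php", "/usr/local/bin/php", r"C:\php\php.exe"}


def strip_jsonc(text: str) -> str:
    """Remove // and /* */ comments plus trailing commas, but keep '//' inside strings."""
    out, i, in_str = [], 0, False
    while i < len(text):
        c = text[i]
        if in_str:
            out.append(c)
            if c == "\\" and i + 1 < len(text):   # keep the escaped char, e.g. \"
                out.append(text[i + 1])
                i += 1
            elif c == '"':
                in_str = False
        elif c == '"':
            in_str = True
            out.append(c)
        elif text.startswith("//", i):            # line comment: skip to newline
            nl = text.find("\n", i)
            i = len(text) if nl == -1 else nl
            continue
        elif text.startswith("/*", i):            # block comment: skip past */
            end = text.find("*/", i + 2)
            i = len(text) if end == -1 else end + 2
            continue
        else:
            out.append(c)
        i += 1
    return re.sub(r",(\s*[}\]])", r"\1", "".join(out))


def audit_settings(text: str) -> list[str]:
    """One finding if the sensitive key is set to anything but an allow-listed PHP binary."""
    value = json.loads(strip_jsonc(text)).get(SENSITIVE_KEY)
    if value is None or (isinstance(value, str) and value in EXPECTED_PHP_PATHS):
        return []
    return [f"{SENSITIVE_KEY} = {value!r} is not an allow-listed PHP interpreter"]


# Constructed sample settings files, not taken from any real workspace.
BENIGN = '{\n  // team default\n  "php.validate.executablePath": "/usr/bin/php",\n}'
SUSPECT = ('{ "docs": "http://example.com//x", /* injected */ '
           '"php.validate.executablePath": "/tmp/workspace/tools/not-php.sh" }')
```

Run audit_settings over each .vscode/settings.json in the workspaces an agent can write to; a non-empty result means the validator binary has been redirected and the file should be reviewed before any PHP file is opened.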

Related Identifiers

CVE-2025-53536
GHSA-3765-5VJR-QJGM

Affected Products

Robocode
Vscode