Vulnerability in N/a

CVE-2026-30307

Roo Code's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechanism completely ineffective. The system relies on fragile regular expressions to parse command structur…

EPSS: 0.007 (71.4th percentile) — read the EPSS interpretation.