Day: 6 September 2025

Beyond Cracked Apps: New macOS Malware Is Using the Terminal to Steal Data

Beyond Cracked Apps: New macOS Malware Is Using the Terminal to Steal Data The Trend Micro Research team has uncovered a new campaign distributing Atomic macOS Stealer (AMOS), a malware family designed to exfiltrate sensitive data from Apple devices. While macOS has historic … Read more Published Date: Sep 06, 2025 (8 hours, 34 minutes ago) Vulnerabilities […]

CVE-2021-26383 – AMD TEE Out-of-Bounds Memory Access Vulnerability

Affected Products The following products are affected by CVE-2021-26383 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below. No affected product recoded yet

CVE-2025-58372 – Roo Code: Potential Remote Code Execution via .code-workspace

The following table lists the changes that have been made to the CVE-2025-58372 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Sep. 05, 2025 Action […]

CVE-2025-58371 – Roo Code is vulnerable to command injection via GitHub actions workflow

Roo Code is an AI-powered autonomous coding agent that lives in users’ editors. In versions 3.26.6 and below, a Github workflow used unsanitized pull request metadata in a privileged context, allowing an attacker to craft malicious input and achieve Remote Code Execution (RCE) on the Actions runner. The workflow runs with broad permissions and access […]

CVE-2025-58370 – Roo Code: Potential Remote Code Execution via Bash Parameter Expansion and Indirect Reference

The following table lists the changes that have been made to the CVE-2025-58370 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Sep. 05, 2025 Action […]

CVE-2025-58373 – Roo Code: Symlink-bypass of .rooignore can lead to unintended file disclosure

The following table lists the changes that have been made to the CVE-2025-58373 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Sep. 05, 2025 Action […]