CVE-2025-14306 Affecting robocode package, versions *
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-DEBIAN11-ROBOCODE-14287101
- published10 Dec 2025
- disclosed9 Dec 2025
Introduced: 9 Dec 2025
NewCVE-2025-14306 (opens in a new tab)How to fix?
There is no fixed version for Debian:11 robocode.
NVD Description
Note: Versions mentioned in the description apply only to the upstream robocode package and not the robocode package as distributed by Debian.
See How to fix? for Debian:11 relevant fixed versions and status.
A directory traversal vulnerability exists in the CacheCleaner component of Robocode version 1.9.3.6. The recursivelyDelete method fails to properly sanitize file paths, allowing attackers to traverse directories and delete arbitrary files on the system. This vulnerability can be exploited by submitting specially crafted inputs that manipulate the file path, leading to potential unauthorized file deletions. https://robo-code.blogspot.com/