Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
rootio-libxml2: Data Exposure in XML Parsing
ROOT-OS-DEBIAN-13-CVE-2026-0990
Summary
A vulnerability in rootio-libxml2 allows attackers to access sensitive data. This affects users who rely on Root's Debian-based operating system and use the libxml2 library. Root has released patches to fix the issue, so update your system to the latest version to protect yourself.
What to do
- Update rootio-libxml2 to version 2.12.7+dfsg+really2.9.14-2.1+deb13u2.root.io.9.
- Update rootio-libxml2 to version 2.12.7+dfsg+really2.9.14-2.1+deb13u2.root.io.11.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Root:Debian:13 | – | rootio-libxml2 |
< 2.12.7+dfsg+really2.9.14-2.1+deb13u2.root.io.9 < 2.12.7+dfsg+really2.9.14-2.1+deb13u2.root.io.11 Fix: upgrade to 2.12.7+dfsg+really2.9.14-2.1+deb13u2.root.io.9
|
Original title
CVE-2026-0990 in rootio-libxml2 - Patched by Root
Original description
Root has patched CVE-2026-0990 in the rootio-libxml2 package for Root:Debian:13. Multiple fixed versions available.
Published: 16 Apr 2026 · Updated: 16 Apr 2026 · First seen: 30 Mar 2026