rootio-linux: Unauthenticated Code Execution via Malicious SFTP Session

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

rootio-linux: Unauthenticated Code Execution via Malicious SFTP Session

ROOT-OS-DEBIAN-12-CVE-2026-23100

Summary

The rootio-linux package in Debian 12 has a security issue that allows an attacker to execute malicious code without needing a password. This could lead to unauthorized access to sensitive data or systems. Users should update to the latest version to fix the issue.

What to do

Update rootio-linux to version 6.1.162-1.root.io.98.

Affected software

Vendor	Product	Affected versions	Fix available
–	rootio-linux	<= 6.1.162-1.root.io.98	6.1.162-1.root.io.98

Original title

CVE-2026-23100 in rootio-linux - Patched by Root

Original description

Root has patched CVE-2026-23100 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available.

Published: 6 Mar 2026 · Updated: 6 Mar 2026 · First seen: 6 Mar 2026