Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
rootio-fastmcp: Unauthorized Access to Sensitive Data
ROOT-APP-PYPI-CVE-2026-32871
Summary
A security issue in rootio-fastmcp could allow an attacker to access sensitive data without permission. This affects users of the rootio-fastmcp package on the Root PyPI repository. To stay secure, update to a patched version of the software.
What to do
- Update rootio-fastmcp to version 2.12.4+root.io.2.
- Update rootio-fastmcp to version 2.11.3+root.io.4.
- Update rootio-fastmcp to version 2.12.4+root.io.4.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Root:PyPI | – | rootio-fastmcp |
< 2.12.4+root.io.2 < 2.11.3+root.io.4 < 2.12.4+root.io.4 Fix: upgrade to 2.12.4+root.io.2
|
Original title
CVE-2026-32871 in rootio-fastmcp - Patched by Root
Original description
Root has patched CVE-2026-32871 in the rootio-fastmcp package for Root:PyPI. Multiple fixed versions available.
Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 9 Apr 2026