rootio-fastmcp: Unauthorized Access to Sensitive Data

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

rootio-fastmcp: Unauthorized Access to Sensitive Data

ROOT-APP-PYPI-CVE-2026-27124

Summary

A patch has been released to prevent unauthorized access to sensitive data in the rootio-fastmcp software. This issue affects users who install and use rootio-fastmcp. To ensure security, update to the latest patched version of rootio-fastmcp.

What to do

Update rootio-fastmcp to version 2.12.4+root.io.3.
Update rootio-fastmcp to version 2.12.4+root.io.4.

Affected software

Ecosystem	Vendor	Product	Affected versions
Root:PyPI	–	rootio-fastmcp	< 2.12.4+root.io.3 < 2.12.4+root.io.4 Fix: upgrade to 2.12.4+root.io.3

Original title

CVE-2026-27124 in rootio-fastmcp - Patched by Root

Original description

Root has patched CVE-2026-27124 in the rootio-fastmcp package for Root:PyPI. Multiple fixed versions available.

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 10 Apr 2026