Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
Root VM2 Software Allows Unauthorized Access
ROOT-APP-NPM-CVE-2026-44009
Summary
A security patch has been released for Root VM2 software, which fixes a vulnerability that could allow unauthorized access. This affects users who rely on Root VM2 for their operations. To stay secure, update to the latest version of Root VM2.
What to do
- Update rootio @rootio/vm2 to version 3.10.5-root.io.5.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Root:npm | rootio | @rootio/vm2 |
< 3.10.5-root.io.5 Fix: upgrade to 3.10.5-root.io.5
|
Original title
CVE-2026-44009 in @rootio/vm2 - Patched by Root
Original description
Root has patched CVE-2026-44009 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available.
osv CVSS3.1
9.8
Published: 18 May 2026 · Updated: 18 May 2026 · First seen: 18 May 2026