Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
rootio-python3.11: Unvalidated Input Allows Command Execution
ROOT-OS-DEBIAN-12-CVE-2026-3644
Summary
A software update has been released to fix a vulnerability in the rootio-python3.11 package that affects Root users. If exploited, this issue could allow an attacker to execute arbitrary commands on an affected system. To protect your system, update to the latest version of rootio-python3.11 as soon as possible.
What to do
- Update rootio-python3.11 to version 3.11.2-6+deb12u6.root.io.28.
- Update rootio-python3.11 to version 3.11.2-6+deb12u6.root.io.31.
- Update rootio-python3.11 to version 3.11.2-6+deb12u6.root.io.32.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Root:Debian:12 | – | rootio-python3.11 |
< 3.11.2-6+deb12u6.root.io.28 < 3.11.2-6+deb12u6.root.io.31 < 3.11.2-6+deb12u6.root.io.32 Fix: upgrade to 3.11.2-6+deb12u6.root.io.28
|
Original title
CVE-2026-3644 in rootio-python3.11 - Patched by Root
Original description
Root has patched CVE-2026-3644 in the rootio-python3.11 package for Root:Debian:12. Multiple fixed versions available.
Published: 16 Apr 2026 · Updated: 16 Apr 2026 · First seen: 30 Mar 2026