Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
Rootio Cryptography Package Exposes Data
ROOT-APP-PYPI-CVE-2026-39892
Summary
The rootio-cryptography package on Root's PyPI repository had a security weakness that could allow unauthorized access to sensitive data. This has been addressed by Root through a software update. Users should update their versions to the latest patched release.
What to do
- Update rootio-cryptography to version 45.0.5+root.io.3.
- Update rootio-cryptography to version 46.0.3+root.io.2.
- Update rootio-cryptography to version 46.0.3+root.io.3.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Root:PyPI | – | rootio-cryptography |
< 45.0.5+root.io.3 < 46.0.3+root.io.2 < 46.0.3+root.io.3 Fix: upgrade to 45.0.5+root.io.3
|
Original title
CVE-2026-39892 in rootio-cryptography - Patched by Root
Original description
Root has patched CVE-2026-39892 in the rootio-cryptography package for Root:PyPI. Multiple fixed versions available.
Published: 4 May 2026 · Updated: 5 May 2026 · First seen: 10 Apr 2026