Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
rootio-python3.11: Unrestricted Arbitrary Code Execution
ROOT-OS-DEBIAN-12-CVE-2026-4224
Summary
The Rootio package for Python 3.11 has a known vulnerability which could allow an attacker to run arbitrary code on a system. This could potentially allow an attacker to take control of the system. Root has released a patch to fix this issue.
What to do
- Update rootio-python3.11 to version 3.11.2-6+deb12u6.root.io.28.
- Update rootio-python3.11 to version 3.11.2-6+deb12u6.root.io.31.
- Update rootio-python3.11 to version 3.11.2-6+deb12u6.root.io.32.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Root:Debian:12 | – | rootio-python3.11 |
< 3.11.2-6+deb12u6.root.io.28 < 3.11.2-6+deb12u6.root.io.31 < 3.11.2-6+deb12u6.root.io.32 Fix: upgrade to 3.11.2-6+deb12u6.root.io.28
|
Original title
CVE-2026-4224 in rootio-python3.11 - Patched by Root
Original description
Root has patched CVE-2026-4224 in the rootio-python3.11 package for Root:Debian:12. Multiple fixed versions available.
Published: 16 Apr 2026 · Updated: 16 Apr 2026 · First seen: 30 Mar 2026