Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Root's Axios Package Has a Security Patch
ROOT-APP-NPM-CVE-2026-39865
Summary
If you're using the Axios package from Root, you'll want to update to the latest version to fix a security issue that could allow an attacker to manipulate requests. This affects users of Root's npm package. Update to a patched version as soon as possible.
What to do
- Update rootio @rootio/axios to version 1.7.9-root.io.6.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Root:npm | rootio | @rootio/axios |
< 1.7.9-root.io.6 Fix: upgrade to 1.7.9-root.io.6
|
Original title
CVE-2026-39865 in @rootio/axios - Patched by Root
Original description
Root has patched CVE-2026-39865 in the @rootio/axios package for Root:npm. Multiple fixed versions available.
Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026