Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
rootio-linux: Unauthorized Access through Malicious SFTP Sessions
ROOT-OS-DEBIAN-12-CVE-2025-40294
Summary
A vulnerability in the rootio-linux package allows attackers to gain unauthorized access to systems using SFTP sessions. This could potentially lead to data theft or system compromise. Root has released a patch to fix the issue, so update to the latest version to ensure your system is secure.
What to do
- Update rootio-linux to version 6.1.159-1.root.io.75.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | rootio-linux | <= 6.1.159-1.root.io.75 | 6.1.159-1.root.io.75 |
Original title
CVE-2025-40294 in rootio-linux - Patched by Root
Original description
Root has patched CVE-2025-40294 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available.
Published: 6 Mar 2026 · Updated: 6 Mar 2026 · First seen: 6 Mar 2026