Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Root's Axios Library Allows Unauthorized Access to Data
ROOT-APP-NPM-CVE-2025-27152
Summary
A security issue in the Axios library used by Root's npm package could allow an attacker to access unauthorized data. This affects users of Root's API and requires updating to a fixed version of the Axios library. To protect against this issue, update to the latest version of the Axios library as recommended by Root.
What to do
- Update rootio @rootio/axios to version 1.7.9-root.io.6.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Root:npm | rootio | @rootio/axios |
< 1.7.9-root.io.6 Fix: upgrade to 1.7.9-root.io.6
|
Original title
CVE-2025-27152 in @rootio/axios - Patched by Root
Original description
Root has patched CVE-2025-27152 in the @rootio/axios package for Root:npm. Multiple fixed versions available.
Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026