rootio-python3.11: Malicious code execution via Python script

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

rootio-python3.11: Malicious code execution via Python script

ROOT-OS-DEBIAN-12-CVE-2025-13836

Summary

A security issue has been fixed in the rootio-python3.11 package, which allows an attacker to run malicious code if they can inject a specially crafted Python script. This is a serious issue for users of Root's Debian 12 system. Update to a patched version of rootio-python3.11 to protect your system.

What to do

Update rootio-python3.11 to version 3.11.2-6+deb12u6.root.io.14.

Affected software

Vendor	Product	Affected versions	Fix available
–	rootio-python3.11	<= 3.11.2-6+deb12u6.root.io.14	3.11.2-6+deb12u6.root.io.14

Original title

CVE-2025-13836 in rootio-python3.11 - Patched by Root

Original description

Root has patched CVE-2025-13836 in the rootio-python3.11 package for Root:Debian:12. Multiple fixed versions available.

Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 10 Mar 2026