Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
rootio-python3-pip: Unauthenticated Command Execution via Pip Package
ROOT-OS-UBUNTU-2204-CVE-2026-21441
Summary
The rootio-python3-pip package on Ubuntu 22.04 has a security issue that allows an attacker to execute malicious code without a password. This can happen if a user installs a specially crafted package. You should update to a fixed version of the package to stay secure.
What to do
- Update rootio-python3-pip to version 22.0.2+dfsg-1ubuntu0.7.root.io.4.
- Update rootio-python3-pip to version 22.0.2+dfsg-1ubuntu0.7.root.io.7.
- Update rootio-python3-pip to version 22.0.2+dfsg-1ubuntu0.7.root.io.8.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | rootio-python3-pip | <= 22.0.2+dfsg-1ubuntu0.7.root.io.4 | 22.0.2+dfsg-1ubuntu0.7.root.io.4 |
| – | rootio-python3-pip | <= 22.0.2+dfsg-1ubuntu0.7.root.io.7 | 22.0.2+dfsg-1ubuntu0.7.root.io.7 |
| – | rootio-python3-pip | <= 22.0.2+dfsg-1ubuntu0.7.root.io.8 | 22.0.2+dfsg-1ubuntu0.7.root.io.8 |
Original title
CVE-2026-21441 in rootio-python3-pip - Patched by Root
Original description
Root has patched CVE-2026-21441 in the rootio-python3-pip package for Root:Ubuntu:22.04. Multiple fixed versions available.
Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 9 Mar 2026