Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
rootio-fastmcp: Unauthorized access to sensitive configuration data
ROOT-APP-PYPI-CVE-2025-62800
Summary
The rootio-fastmcp software has a weakness that could allow an attacker to gain access to sensitive configuration settings. This could lead to unauthorized changes to the system or data exposure. Update to a patched version of rootio-fastmcp to fix this issue.
What to do
- Update rootio-fastmcp to version 2.11.3+root.io.4.
- Update rootio-fastmcp to version 2.12.4+root.io.4.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Root:PyPI | – | rootio-fastmcp |
< 2.11.3+root.io.4 < 2.12.4+root.io.4 Fix: upgrade to 2.11.3+root.io.4
|
Original title
CVE-2025-62800 in rootio-fastmcp - Patched by Root
Original description
Root has patched CVE-2025-62800 in the rootio-fastmcp package for Root:PyPI. Multiple fixed versions available.
Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 10 Apr 2026