Root has patched CVE-2026-48043 in the io.root.io.netty:netty-codec-http2 package for Root:Maven. Multiple fixed versions available.
{ "source": "Root", "distro_version": "", "severity": "MEDIUM", "distro": "maven" }
2.0
"root.io.22"
"https://api.root.io/external/osv/ROOT-APP-MAVEN-CVE-2026-48043.json"
true
"4.1.118.Final"
[ "4.1.126.Final-root.io.21", "4.1.118.Final-root.io.22" ]
""
"4.1.118.Final-aikido.22"
[ "4.1.126.Final-aikido.21", "4.1.118.Final-aikido.22" ]