Root has patched CVE-2026-49485 in the io.root.ca.uhn.hapi.fhir:org.hl7.fhir.validation package for Root:Maven. Multiple fixed versions available.
{ "distro": "maven", "severity": "HIGH", "source": "Root", "distro_version": "" }
2.0
"root.io.10"
"6.9.0"
[ "6.7.9-root.io.9", "6.9.0-root.io.10" ]
true
"https://api.root.io/external/osv/ROOT-APP-MAVEN-CVE-2026-49485.json"
""
"6.9.0-aikido.10"
[ "6.7.9-aikido.9", "6.9.0-aikido.10" ]