Root has patched CVE-2026-47131 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available.
{ "distro": "npm", "source": "Root", "distro_version": "", "severity": "CRITICAL" }
[ "3.11.3-root.io.2", "3.11.3-root.io.3", "3.9.17-root.io.7", "3.9.17-root.io.8" ]
""
4.0
"https://api.root.io/external/osv/ROOT-APP-NPM-CVE-2026-47131.json"
true
"3.9.17-root.io.8"
[ "3.11.3-aikido.2", "3.11.3-aikido.3", "3.9.17-aikido.7", "3.9.17-aikido.8" ]
"3.9.17-aikido.8"