Root has patched CVE-2026-48779 in the @rootio/ws package for Root:npm. Multiple fixed versions available.
{
"distro": "npm",
"source": "Root",
"severity": "HIGH",
"distro_version": ""
}[
"8.17.1-root.io.2",
"8.18.3-root.io.2",
"8.18.0-root.io.2",
"8.18.2-root.io.2",
"8.19.0-root.io.2",
"8.20.0-root.io.2",
"7.5.10-root.io.1",
"8.13.0-root.io.1",
"8.18.1-root.io.2",
"8.20.1-root.io.1",
"8.13.0-root.io.2",
"6.2.3-root.io.1"
]
12.0
""
"https://api.root.io/external/osv/ROOT-APP-NPM-CVE-2026-48779.json"
true
"6.2.3-root.io.1"
[
"8.17.1-aikido.2",
"8.18.3-aikido.2",
"8.18.0-aikido.2",
"8.18.2-aikido.2",
"8.19.0-aikido.2",
"8.20.0-aikido.2",
"7.5.10-aikido.1",
"8.13.0-aikido.1",
"8.18.1-aikido.2",
"8.20.1-aikido.1",
"8.13.0-aikido.2",
"6.2.3-aikido.1"
]
""
12.0
"https://api.root.io/external/osv/ROOT-APP-NPM-CVE-2026-48779.json"
true
"6.2.3-aikido.1"