Root has patched CVE-2026-50016 in the @rootio/pnpm package for Root:npm. Multiple fixed versions available.
{ "distro": "npm", "source": "Root", "distro_version": "", "severity": "HIGH" }
[ "10.32.1-root.io.1", "10.32.1-root.io.2", "10.32.1-root.io.3" ]
3.0
""
"https://api.root.io/external/osv/ROOT-APP-NPM-CVE-2026-50016.json"
true
"10.32.1-root.io.3"
[ "10.32.1-aikido.1", "10.32.1-aikido.2", "10.32.1-aikido.3" ]
"10.32.1-aikido.3"