Root has patched CVE-2026-53655 in the @rootio/tar package for Root:npm. Multiple fixed versions available.
{ "source": "Root", "distro": "npm", "severity": "MEDIUM", "distro_version": "" }
"https://api.root.io/external/osv/ROOT-APP-NPM-CVE-2026-53655.json"
"4.4.19-root.io.4"
[ "4.4.19-root.io.4", "7.5.1-root.io.10" ]
true
2.0
""
"4.4.19-aikido.4"
[ "4.4.19-aikido.4", "7.5.1-aikido.10" ]