Root has patched CVE-2026-54286 in the @rootio/hono package for Root:npm. Multiple fixed versions available.
{ "distro_version": "", "source": "Root", "severity": "MEDIUM", "distro": "npm" }
"4.12.14-root.io.8"
""
2.0
[ "4.12.14-root.io.7", "4.12.14-root.io.8" ]
"https://api.root.io/external/osv/ROOT-APP-NPM-CVE-2026-54286.json"
true
"4.12.14-aikido.8"
[ "4.12.14-aikido.7", "4.12.14-aikido.8" ]