Root has patched CVE-2026-48817 in the rootio-starlette package for Root:PyPI. Multiple fixed versions available.
{
"source": "Root",
"severity": "MEDIUM",
"distro": "pypi",
"distro_version": ""
}"https://api.root.io/external/osv/ROOT-APP-PYPI-CVE-2026-48817.json"
"0.45.3"
[
"0.50.0+root.io.2",
"0.45.3+root.io.14",
"0.49.3+root.io.4",
"0.49.2+root.io.4",
"0.41.3+root.io.7",
"0.46.2+root.io.7",
"0.52.1+root.io.3",
"1.0.0+root.io.2",
"1.0.1+root.io.2",
"0.49.1+root.io.3",
"1.0.0+root.io.3",
"0.45.3+root.io.15"
]
true
12.0
"root.io.15"