Root has patched CVE-2026-49853 in the rootio-tornado package for Root:PyPI. Multiple fixed versions available.
{ "source": "Root", "distro": "pypi", "distro_version": "", "severity": "HIGH" }
"6.2"
true
"root.io.6"
"https://api.root.io/external/osv/ROOT-APP-PYPI-CVE-2026-49853.json"
[ "6.2+root.io.4", "6.2+root.io.5", "6.2+root.io.6" ]
3.0
"6.2+aikido.4"
1.0
[ "6.2+aikido.4" ]
""