Root has patched CVE-2026-54277 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available.
{ "source": "Root", "distro_version": "", "severity": "HIGH", "distro": "pypi" }
[ "3.12.15+root.io.6" ]
"3.12.15"
"root.io.6"
true
1.0
"https://api.root.io/external/osv/ROOT-APP-PYPI-CVE-2026-54277.json"