ROOT-APP-NPM-CVE-2026-41305

See a problem?
Please try reporting it to the source first.

Source

https://root.io/security/ROOT-APP-NPM-CVE-2026-41305

Import Source

https://api.root.io/external/osv/ROOT-APP-NPM-CVE-2026-41305.json

JSON Data

https://api.test.osv.dev/v1/vulns/ROOT-APP-NPM-CVE-2026-41305

Upstream

CVE-2026-41305

Published

2026-06-24T09:09:28Z

Modified

2026-06-24T14:03:44.972370109Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

CVE-2026-41305 in @rootio/postcss - Patched by Root

Details

Root has patched CVE-2026-41305 in the @rootio/postcss package for Root:npm. Multiple fixed versions available.

Database specific

{
    "distro_version": "",
    "distro": "npm",
    "source": "Root",
    "severity": "MEDIUM"
}

References

Affected packages

Root:npm / @rootio/postcss

Package

Name: @rootio/postcss

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.5.6-root.io.2

Fixed

8.5.8-root.io.2

Fixed

8.5.6-root.io.1

Fixed

8.5.8-root.io.1

Fixed

8.4.49-root.io.1

Fixed

8.5.9-root.io.1

Fixed

8.5.3-root.io.1

Fixed

8.4.31-root.io.1

Fixed

5.2.18-root.io.3

Fixed

7.0.39-root.io.4

Database specific

all_fixed_versions

[
    "8.5.6-root.io.2",
    "8.5.8-root.io.2",
    "8.5.6-root.io.1",
    "8.5.8-root.io.1",
    "8.4.49-root.io.1",
    "8.5.9-root.io.1",
    "8.5.3-root.io.1",
    "8.4.31-root.io.1",
    "5.2.18-root.io.3",
    "7.0.39-root.io.4"
]

root_patched

true

root_patch_version

""

total_fixed_versions

10.0

upstream_version

"7.0.39-root.io.4"

source

"https://api.root.io/external/osv/ROOT-APP-NPM-CVE-2026-41305.json"

Root:npm / postcss