ROOT-APP-PYPI-CVE-2026-48710
- Source
- https://root.io/security/ROOT-APP-PYPI-CVE-2026-48710
- Import Source
- https://api.root.io/external/osv/ROOT-APP-PYPI-CVE-2026-48710.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/ROOT-APP-PYPI-CVE-2026-48710
- Upstream
- Published
- 2026-06-18T03:47:41Z
- Modified
- 2026-06-18T07:16:30.386522368Z
- Summary
- CVE-2026-48710 in rootio-starlette - Patched by Root
- Details
-
Root has patched CVE-2026-48710 in the rootio-starlette package for Root:PyPI. Multiple fixed versions available.
- Database specific
{ "distro_version": "", "distro": "pypi", "source": "Root", "severity": "MEDIUM" }- References
-
Affected packages
Root:PyPI / rootio-starlette
Package
- Name
- rootio-starlette
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed0.27.0+root.io.1Fixed0.45.3+root.io.3Fixed0.19.1+root.io.1Fixed0.9.9+root.io.1Fixed0.19.0+root.io.1Fixed0.21.0+root.io.1Fixed0.22.0+root.io.2Fixed0.36.1+root.io.1Fixed0.36.2+root.io.1Fixed0.38.6+root.io.1Fixed0.45.0+root.io.1Fixed0.9.9+root.io.2Fixed0.45.1+root.io.1Fixed0.47.0+root.io.3Fixed0.49.2+root.io.1Fixed0.45.2+root.io.2Fixed0.49.3+root.io.1Fixed0.44.0+root.io.1Fixed0.43.0+root.io.1Fixed0.46.0+root.io.2Fixed0.41.0+root.io.1Fixed0.51.0+root.io.1Fixed0.52.0+root.io.1Fixed0.38.5+root.io.1Fixed0.49.0+root.io.1Fixed0.38.4+root.io.1Fixed0.38.2+root.io.1Fixed0.22.0+root.io.3Fixed0.47.2+root.io.2Fixed0.47.1+root.io.2Fixed0.41.2+root.io.2Fixed0.41.3+root.io.2Fixed0.41.3+root.io.3Fixed0.47.2+root.io.3Fixed0.47.1+root.io.3Fixed0.22.0+aikido.4Fixed0.21.0+aikido.2Fixed0.19.0+aikido.2Fixed0.19.1+aikido.2Fixed0.41.3+aikido.4Fixed0.43.0+aikido.2Fixed0.44.0+aikido.2Fixed0.45.0+aikido.2Fixed0.47.2+aikido.4Fixed0.45.3+aikido.12Fixed0.45.1+aikido.2Fixed0.46.0+aikido.3Fixed0.47.1+aikido.4Fixed0.47.0+aikido.4Fixed0.49.1+aikido.1Fixed0.49.2+aikido.2Fixed0.49.3+aikido.2Fixed0.49.0+aikido.2Fixed0.51.0+aikido.2Fixed0.52.0+aikido.2Fixed0.9.9+aikido.3Fixed0.52.1+aikido.1Fixed0.45.2+aikido.3Fixed0.49.0+root.io.3Fixed0.41.3+root.io.5Fixed0.41.3+root.io.6
Database specific
all_fixed_versions
[
"0.27.0+root.io.1",
"0.45.3+root.io.3",
"0.19.1+root.io.1",
"0.9.9+root.io.1",
"0.19.0+root.io.1",
"0.21.0+root.io.1",
"0.22.0+root.io.2",
"0.36.1+root.io.1",
"0.36.2+root.io.1",
"0.38.6+root.io.1",
"0.45.0+root.io.1",
"0.9.9+root.io.2",
"0.45.1+root.io.1",
"0.47.0+root.io.3",
"0.49.2+root.io.1",
"0.45.2+root.io.2",
"0.49.3+root.io.1",
"0.44.0+root.io.1",
"0.43.0+root.io.1",
"0.46.0+root.io.2",
"0.41.0+root.io.1",
"0.51.0+root.io.1",
"0.52.0+root.io.1",
"0.38.5+root.io.1",
"0.49.0+root.io.1",
"0.38.4+root.io.1",
"0.38.2+root.io.1",
"0.22.0+root.io.3",
"0.47.2+root.io.2",
"0.47.1+root.io.2",
"0.41.2+root.io.2",
"0.41.3+root.io.2",
"0.41.3+root.io.3",
"0.47.2+root.io.3",
"0.47.1+root.io.3",
"0.22.0+aikido.4",
"0.21.0+aikido.2",
"0.19.0+aikido.2",
"0.19.1+aikido.2",
"0.41.3+aikido.4",
"0.43.0+aikido.2",
"0.44.0+aikido.2",
"0.45.0+aikido.2",
"0.47.2+aikido.4",
"0.45.3+aikido.12",
"0.45.1+aikido.2",
"0.46.0+aikido.3",
"0.47.1+aikido.4",
"0.47.0+aikido.4",
"0.49.1+aikido.1",
"0.49.2+aikido.2",
"0.49.3+aikido.2",
"0.49.0+aikido.2",
"0.51.0+aikido.2",
"0.52.0+aikido.2",
"0.9.9+aikido.3",
"0.52.1+aikido.1",
"0.45.2+aikido.3",
"0.49.0+root.io.3",
"0.41.3+root.io.5",
"0.41.3+root.io.6"
]
root_patched
true
total_fixed_versions
61.0
upstream_version
"0.41.3"
root_patch_version
"root.io.6"
source
"https://api.root.io/external/osv/ROOT-APP-PYPI-CVE-2026-48710.json"
Root:PyPI / starlette
Package
- Name
- starlette
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed0.19.0+aikido.1Fixed0.19.1+aikido.1Fixed0.21.0+aikido.1Fixed0.27.0+aikido.1Fixed0.36.1+aikido.1Fixed0.36.2+aikido.1Fixed0.45.3+aikido.10Fixed0.45.3+aikido.11Fixed0.45.3+aikido.5Fixed0.45.3+aikido.6Fixed0.45.3+aikido.7Fixed0.45.3+aikido.8Fixed0.45.3+aikido.9Fixed0.9.9+aikido.1Fixed0.38.6+aikido.1Fixed0.45.0+aikido.1Fixed0.9.9+aikido.2Fixed0.45.1+aikido.1Fixed0.47.0+aikido.3Fixed0.49.2+aikido.1Fixed0.45.2+aikido.2Fixed0.49.3+aikido.1Fixed0.44.0+aikido.1Fixed0.43.0+aikido.1Fixed0.46.0+aikido.2Fixed0.41.0+aikido.1Fixed0.51.0+aikido.1Fixed0.52.0+aikido.1Fixed0.38.5+aikido.1Fixed0.49.0+aikido.1Fixed0.38.4+aikido.1Fixed0.38.2+aikido.1Fixed0.22.0+aikido.3Fixed0.47.2+aikido.2Fixed0.47.1+aikido.2Fixed0.41.2+aikido.2Fixed0.41.3+aikido.2Fixed0.41.3+aikido.3Fixed0.47.2+aikido.3Fixed0.47.1+aikido.3Fixed0.41.3+aikido.5Fixed0.41.3+aikido.6
Database specific
all_fixed_versions
[
"0.19.0+aikido.1",
"0.19.1+aikido.1",
"0.21.0+aikido.1",
"0.27.0+aikido.1",
"0.36.1+aikido.1",
"0.36.2+aikido.1",
"0.45.3+aikido.10",
"0.45.3+aikido.11",
"0.45.3+aikido.5",
"0.45.3+aikido.6",
"0.45.3+aikido.7",
"0.45.3+aikido.8",
"0.45.3+aikido.9",
"0.9.9+aikido.1",
"0.38.6+aikido.1",
"0.45.0+aikido.1",
"0.9.9+aikido.2",
"0.45.1+aikido.1",
"0.47.0+aikido.3",
"0.49.2+aikido.1",
"0.45.2+aikido.2",
"0.49.3+aikido.1",
"0.44.0+aikido.1",
"0.43.0+aikido.1",
"0.46.0+aikido.2",
"0.41.0+aikido.1",
"0.51.0+aikido.1",
"0.52.0+aikido.1",
"0.38.5+aikido.1",
"0.49.0+aikido.1",
"0.38.4+aikido.1",
"0.38.2+aikido.1",
"0.22.0+aikido.3",
"0.47.2+aikido.2",
"0.47.1+aikido.2",
"0.41.2+aikido.2",
"0.41.3+aikido.2",
"0.41.3+aikido.3",
"0.47.2+aikido.3",
"0.47.1+aikido.3",
"0.41.3+aikido.5",
"0.41.3+aikido.6"
]
root_patched
true
total_fixed_versions
42.0
upstream_version
"0.41.3+aikido.6"
root_patch_version
""
source
"https://api.root.io/external/osv/ROOT-APP-PYPI-CVE-2026-48710.json"