{"id":"ROOT-APP-PYPI-CVE-2026-28490","summary":"CVE-2026-28490 in rootio-Authlib - Patched by Root","details":"Root has patched CVE-2026-28490 in the rootio-Authlib package for Root:PyPI. Multiple fixed versions available.","modified":"2026-05-21T12:30:07.757453589Z","published":"2026-05-21T06:32:53Z","upstream":["CVE-2026-28490"],"database_specific":{"severity":"MEDIUM","source":"Root","distro_version":"","distro":"pypi"},"affected":[{"package":{"name":"rootio-Authlib","ecosystem":"Root:PyPI"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.15.5+root.io.6"},{"fixed":"0.15.5+root.io.7"},{"fixed":"0.15.5+root.io.8"},{"fixed":"1.6.6+root.io.3"},{"fixed":"1.6.6+root.io.4"}]}],"database_specific":{"root_patched":true,"source":"https://api.root.io/external/osv/ROOT-APP-PYPI-CVE-2026-28490.json","all_fixed_versions":["0.15.5+root.io.6","0.15.5+root.io.7","0.15.5+root.io.8","1.6.6+root.io.3","1.6.6+root.io.4"],"upstream_version":"1.6.6","total_fixed_versions":5,"root_patch_version":"root.io.4"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N"}]}