PatchSiren cyber security CVE debrief
CVE-2026-9147 scikit-hep CVE debrief
The uproot library dynamically generates Python class source code from ROOT TStreamerInfo records in a file and compiles it at runtime. Some file-controlled streamer metadata fields are interpolated into the generated Python source without safe quoting. An attacker who can supply a crafted ROOT file can place Python expression-breaking content into a streamer metadata field. When uproot generates and invokes the corresponding reader method, the injected Python expression is evaluated in the context of the process opening the file, resulting in arbitrary Python code execution in applications that open or process attacker-controlled ROOT files with affected uproot code paths.
- Vendor
- scikit-hep
- Product
- uproot5
- CVSS
- HIGH 8.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-18
- Original CVE updated
- 2026-07-18
- Advisory published
- 2026-07-18
- Advisory updated
- 2026-07-18
Who should care
Developers and users of the uproot library, particularly those who work with ROOT files from untrusted sources, should be aware of this vulnerability. Applications that open or process ROOT files using affected uproot code paths are potentially vulnerable to arbitrary Python code execution.
Technical summary
uproot generates Python class source code from ROOT TStreamerInfo records at runtime. Some streamer metadata fields from the file are interpolated into the generated Python source without proper quoting. This allows an attacker to inject Python expressions by crafting a malicious ROOT file. When uproot creates and calls the corresponding reader method, the injected expression is executed in the context of the process opening the file. This results in arbitrary Python code execution in applications that process attacker-controlled ROOT files using vulnerable uproot code paths.
Defensive priority
High
Recommended defensive actions
- Immediately update to the latest version of uproot that addresses this vulnerability
- Implement strict validation and sanitization of ROOT file metadata
- Use secure methods for generating and executing Python code from untrusted sources
- Monitor for and restrict the processing of untrusted ROOT files
- Consider implementing compensating controls such as sandboxing or isolation for applications processing ROOT files
Evidence notes
The CVE record was published on 2026-07-18T13:17:06.273Z and has not been modified since then. The NVD entry is currently 8.5 HIGH. Limited details are available about the specific conditions and scope of the vulnerability. Further investigation is needed to determine the full impact and to verify affected configurations.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-18T13:17:06.273Z and has not been modified since then. The NVD entry is currently 8.5 HIGH.