PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-9147 scikit-hep CVE debrief

The uproot library dynamically generates Python class source code from ROOT TStreamerInfo records in a file and compiles it at runtime. Some file-controlled streamer metadata fields are interpolated into the generated Python source without safe quoting. An attacker who can supply a crafted ROOT file can place Python expression-breaking content into a streamer metadata field. When uproot generates and invokes the corresponding reader method, the injected Python expression is evaluated in the context of the process opening the file, resulting in arbitrary Python code execution in applications that open or process attacker-controlled ROOT files with affected uproot code paths.

Vendor
scikit-hep
Product
uproot5
CVSS
HIGH 8.5
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-18
Original CVE updated
2026-07-18
Advisory published
2026-07-18
Advisory updated
2026-07-18

Who should care

Developers and users of the uproot library, particularly those who work with ROOT files from untrusted sources, should be aware of this vulnerability. Applications that open or process ROOT files using affected uproot code paths are potentially vulnerable to arbitrary Python code execution.

Technical summary

uproot generates Python class source code from ROOT TStreamerInfo records at runtime. Some streamer metadata fields from the file are interpolated into the generated Python source without proper quoting. This allows an attacker to inject Python expressions by crafting a malicious ROOT file. When uproot creates and calls the corresponding reader method, the injected expression is executed in the context of the process opening the file. This results in arbitrary Python code execution in applications that process attacker-controlled ROOT files using vulnerable uproot code paths.

Defensive priority

High

Recommended defensive actions

  • Immediately update to the latest version of uproot that addresses this vulnerability
  • Implement strict validation and sanitization of ROOT file metadata
  • Use secure methods for generating and executing Python code from untrusted sources
  • Monitor for and restrict the processing of untrusted ROOT files
  • Consider implementing compensating controls such as sandboxing or isolation for applications processing ROOT files

Evidence notes

The CVE record was published on 2026-07-18T13:17:06.273Z and has not been modified since then. The NVD entry is currently 8.5 HIGH. Limited details are available about the specific conditions and scope of the vulnerability. Further investigation is needed to determine the full impact and to verify affected configurations.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-18T13:17:06.273Z and has not been modified since then. The NVD entry is currently 8.5 HIGH.