4621 matches found
Security Bulletin: IBM Edge Data Collector uses axios-1.15.0.tgz which is vulnerable to CVE-2026-42033, CVE-2026-42034, CVE-2026-42035
Summary IBM Edge Data Collector Component uses uuid-8.3.2.tgz, uuid-9.0.1.tgz which is vulnerable to CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037, CVE-2026-42038, CVE-2026-42039, CVE-2026-42040, CVE-2026-42041, CVE-2026-42042, CVE-2026-42043, CVE-2026-42044. This...
CVE-2026-44495
creationtimestamp| type| source ---|---|--- 2026-05-29 09:05:09+00:00| published-proof-of-concept| https://github.com/axios/axios/security/advisories/GHSA-3g43-6gmg-66jw...
Security Bulletin: IBM Maximo Application Suite - Monitor Component uses axios-1.15.0.tgz which is vulnerable to CVE-2026-42264
Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses axios-1.15.0.tgz which is vulnerable to CVE-2026-42264.This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-42264 DESCRIPTION: Axios is a promise based HTTP client for...
Security Bulletin: IBM Maximo Application Suite - Monitor Component uses axios-1.15.0.tgz which is vulnerable to CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037
Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses axios-1.15.0.tgz which is vulnerable to CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037, CVE-2026-42038, CVE-2026-42039, CVE-2026-42040, CVE-2026-42041, CVE-2026-42042, CVE-2026-42043,...
CVE-2026-44494
creationtimestamp| type| source ---|---|--- 2026-05-29 06:49:56+00:00| published-proof-of-concept| https://github.com/axios/axios/security/advisories/GHSA-35jp-ww65-95wh 2026-06-03 14:43:57+00:00| published-proof-of-concept| https://t.me/bdufstecru/3216 2026-06-11 18:01:07+00:00| seen|...
CVE-2026-44492
creationtimestamp| type| source ---|---|--- 2026-05-29 06:32:41+00:00| published-proof-of-concept| https://github.com/axios/axios/security/advisories/GHSA-pjwm-pj3p-43mv 2026-06-11 18:00:59+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnzsmajacl2n 2026-06-12 12:00:59+00:0...
CVE-2026-44490
creationtimestamp| type| source ---|---|--- 2026-05-29 06:32:22+00:00| published-proof-of-concept| https://github.com/axios/axios/security/advisories/GHSA-898c-q2cr-xwhg 2026-06-12 12:01:26+00:00| seen| https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mo3oxs2bzq2k...
CVE-2026-44489
creationtimestamp| type| source ---|---|--- 2026-05-29 06:31:28+00:00| published-proof-of-concept| https://github.com/axios/axios/security/advisories/GHSA-654m-c8p4-x5fp 2026-06-12 12:01:27+00:00| seen| https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mo3oxubhy325...
PT-2026-44909
Name of the Vulnerable Software and Affected Versions Axios versions 1.15.2 through 1.15.9 Description Nested objects created by the merge function in utils.js are constructed as plain objects, meaning they retain Object.prototype in their prototype chain. The setProxy function in...
PT-2026-44984
Name of the Vulnerable Software and Affected Versions axios versions prior to 0.32.0 axios versions prior to 1.16.0 Description Axios is a promise-based HTTP client for the browser and Node.js. The issue resides in the lib/helpers/shouldBypassProxy.js file and is caused by the failure to normaliz...
PT-2026-44911
Name of the Vulnerable Software and Affected Versions Axios versions 0.19.0 through 0.31.0 Axios versions 1.x through 1.15.1 Description Axios contains prototype-pollution gadgets in its request configuration processing. If a separate vulnerability in the same JavaScript process allows an attacke...
Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (2025-62718)
Summary IBM Security SOAR uses an older version of the Axios component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.10.0 Vulnerability Details CVEID:CVE-2025-62718 DESCRIPTION: Axios i...
Security Bulletin: IBM z/TPF Development is affected by multiple vulnerabilities reported in the axios package
Summary Multiple vulnerabilities were identified in the open-source package axios version 1.15.0, which provides the HTTPS/HTTP client used by the extension. Fixes for these vulnerabilities were made available in axios version 1.15.2. Vulnerability Details CVEID:CVE-2026-42033 DESCRIPTION: Axios ...
SUSE CVE-2025-27152
axios is a promise based HTTP client for the browser and node.js. The issue occurs when passing absolute URLs rather than protocol-relative URLs to axios. Even if baseURL is set, axios sends the request to the specified absolute URL, potentially causing SSRF and credential leakage. This issue...
List of Security Fixes and Improvements in Veeam Service Provider Console
Purpose This article describes all security-related fixes and improvements introduced in each release or update of Veeam Service Provider Console. This article aims to provide our customers' security and compliance teams with detailed information on security improvements between releases to help...
Security Bulletin: IBM Maximo Scheduler Optimizer uses axios-1.13.5.tgz which is vulnerable to CVE-2026-40175
Summary IBM Maximo Scheduler Optimizer uses axios-1.13.5.tgz which is vulnerable to CVE-2026-40175. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-40175 DESCRIPTION: Axios is a promise based HTTP client for the browser and...
Security Bulletin: IBM Quantum Safe Explorer is affected by multiple vulnerabilites
Summary The vulnerabilities were found in dependent open source libraries used within IBM Quantum Safe Explorer code base. These issues have been addressed by updating the versions of affected libraries. Vulnerability Details CVEID:CVE-2026-42033 DESCRIPTION: Axios is a promise based HTTP client...
Malicious code in turbo-axios (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62503451ade68043379968f3dc4784fdb66424d55422854514e3ba1b10058324 turbo-axios is a typosquat of the popular axios HTTP client it re-exports the full axios API and reuses axios's repository/homepage metadata in...
MAL-2026-4695 Malicious code in turbo-axios (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62503451ade68043379968f3dc4784fdb66424d55422854514e3ba1b10058324 turbo-axios is a typosquat of the popular axios HTTP client it re-exports the full axios API and reuses axios's repository/homepage metadata in...
Security Bulletin: IBM Cognos Analytics Mobile is affected by multiple security vulnerabilties
Summary IBM Cognos Analytics Mobile is affected by multiple security vulnerabilities. These have been addressed in IBM Cognos Analytics Mobile 1.1.26. Vulnerability Details CVEID:CVE-2026-26278 DESCRIPTION: fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS...