Security Bulletin: IBM Edge Data Collector uses uuid-8.3.2.tgz, uuid-9.0.1.tgz which is vulnerable to CVE-2026-41907

Summary IBM Edge Data Collector Component uses uuid-8.3.2.tgz, uuid-9.0.1.tgz which is vulnerable to CVE-2026-41907. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-41907 DESCRIPTION: uuid is for the creation of RFC9562 formerly RFC4122 UUIDs...

Security Bulletin: IBM Edge Data Collector uses cryptography-46.0.5-cp311-abi3-manylinux_2_34_x86_64.whl which is vulnerable to CVE-2026-34073

Summary IBM Edge Data Collector Component uses cryptography-46.0.5-cp311-abi3-manylinux234x8664.whl which is vulnerable to CVE-2026-34073. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-34073 DESCRIPTION: cryptography is a package designed to...

Security Bulletin: IBM Edge Data Collector uses axios-1.15.0.tgz which is vulnerable to CVE-2026-42033, CVE-2026-42034, CVE-2026-42035

Summary IBM Edge Data Collector Component uses uuid-8.3.2.tgz, uuid-9.0.1.tgz which is vulnerable to CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037, CVE-2026-42038, CVE-2026-42039, CVE-2026-42040, CVE-2026-42041, CVE-2026-42042, CVE-2026-42043, CVE-2026-42044. This...

Security Bulletin: IBM Edge Data Collector uses cryptography-46.0.5-cp311-abi3-manylinux_2_34_x86_64.whl, cryptography-46.0.6-cp311-abi3-manylinux_2_34_x86_64.whl which is vulnerable to CVE-2026-34073, CVE-2026-39892

Summary IBM Edge Data Collector Component uses cryptography-46.0.5-cp311-abi3-manylinux234x8664.whl, cryptography-46.0.6-cp311-abi3-manylinux234x8664.whl which is vulnerable to CVE-2026-34073, CVE-2026-39892. This bulletin contains information addressing the vulnerability. Vulnerability Details...

Security Bulletin: IBM Edge Data Collector uses openssl-0.10.76.crate which is vulnerable to CVE-2026-41898

Summary IBM Edge Data Collector Component uses openssl-0.10.76.crate which is vulnerable to CVE-2026-41898. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-41898 DESCRIPTION: rust-openssl provides OpenSSL bindings for the Rust programming...

Security Bulletin: IBM Edge Data Collector uses openssl-0.10.76.crate which is vulnerable to CVE-2026-41676, CVE-2026-41677, CVE-2026-41678, CVE-2026-41681

Summary IBM Edge Data Collector Component uses openssl-0.10.76.crate which is vulnerable to CVE-2026-41676, CVE-2026-41677, CVE-2026-41678, CVE-2026-41681. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-41676 DESCRIPTION: rust-openssl provide...

Security Bulletin: IBM Edge Data Collector uses axios-1.13.6.tgz which is vulnerable to CVE-2025-62718.

Summary IBM Edge Data Collector uses axios-1.13.6.tgz which is vulnerable to CVE-2025-62718. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-62718 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 a...

Security Bulletin: IBM Edge Data Collector uses axios-1.13.6.tgz which is vulnerable to CVE-2026-40175.

Summary IBM Edge Data Collector uses axios-1.13.6.tgz which is vulnerable to CVE-2026-40175. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-40175 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 a...

Security Bulletin: IBM Edge Data Collector uses picomatch-2.3.1.tgz which is vulnerable to CVE-2026-33671, CVE-2026-33672.

Summary IBM Edge Data Collector uses picomatch-2.3.1.tgz which is vulnerable to CVE-2026-33671, CVE-2026-33672. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-33671 DESCRIPTION: Picomatch is a glob matcher written JavaScript. Versions prior t...

Security Bulletin: IBM Edge Data Collector uses pyasn1-0.6.2-py3-none-any.whl which is vulnerable to CVE-2026-30922.

Summary IBM Edge Data Collector uses pyasn1-0.6.2-py3-none-any.whl which is vulnerable to CVE-2026-30922. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-30922 DESCRIPTION: pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyas...

Security Bulletin: IBM Edge Data Collector uses lodash-4.17.23.tgz, lodash-es-4.17.23.tgz which is vulnerable to CVE-2026-2950, CVE-2026-4800.

Summary IBM Edge Data Collector uses lodash-4.17.23.tgz, lodash-es-4.17.23.tgz which is vulnerable to CVE-2026-2950, CVE-2026-4800. This bulletin contains information addressing the vulnerabilities. Vulnerability Details CVEID:CVE-2026-2950 DESCRIPTION: Impact: Lodash versions 4.17.23 and earlier...

Security Bulletin: IBM Edge Data Collector uses minimatch-3.1.2.tgz which is vulnerable to CVE-2026-26996, CVE-2026-27903, CVE-2026-27904

Summary IBM Edge Data Collector uses minimatch-3.1.2.tgz which is vulnerable to CVE-2026-26996, CVE-2026-27903, CVE-2026-27904. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-26996 DESCRIPTION: minimatch is a minimal matching utility for...

Security Bulletin: IBM Edge Data Collector uses lodash-4.17.21.tgz, lodash-es-4.17.21.tgz which is vulnerable to CVE-2025-13465.

Summary IBM Edge Data Collector uses lodash-4.17.21.tgz, lodash-es-4.17.21.tgz which is vulnerable to CVE-2025-13465. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-13465 DESCRIPTION: Lodash versions 4.0.0 through 4.17.22 are vulnerable to...

Security Bulletin: IBM Edge Data Collector uses cryptography-44.0.1-cp39-abi3-manylinux_2_34_x86_64.whl which is vulnerable to CVE-2026-26007.

Summary IBM Edge Data Collector uses cryptography-44.0.1-cp39-abi3-manylinux234x8664.whl which is vulnerable to CVE-2026-26007. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-26007 DESCRIPTION: cryptography is a package designed to expose...

Security Bulletin: IBM Edge Data Collector uses time-0.3.37.crate which is vulnerable to CVE-2026-25727.

Summary IBM Edge Data Collector uses time-0.3.37.crate which is vulnerable to CVE-2026-25727. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-25727 DESCRIPTION: time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when...

Security Bulletin: IBM Edge Data Collector uses filelock-3.12.2-py3-none-any.whl which is vulnerable to CVE-2026-22701.

Summary IBM Edge Data Collector uses filelock-3.12.2-py3-none-any.whl which is vulnerable to CVE-2026-22701. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-22701 DESCRIPTION: filelock is a platform-independent file lock for Python. Prior to...

Security Bulletin: IBM Edge Data Collector uses django-4.2.27-py3-none-any.whl which is vulnerable to CVE-2025-13473, CVE-2025-14550, CVE-2026-1207, CVE-2026-1285, CVE-2026-1287, CVE-2026-1312.

Summary IBM Edge Data Collector uses django-4.2.27-py3-none-any.whl which is vulnerable to CVE-2025-13473, CVE-2025-14550, CVE-2026-1207, CVE-2026-1285, CVE-2026-1287, CVE-2026-1312. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-13473...

Security Bulletin: IBM Edge Data Collector uses bytes-1.10.0.crate which is vulnerable to CVE-2026-25541.

Summary IBM Edge Data Collector uses bytes-1.10.0.crate which is vulnerable to CVE-2026-25541. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-25541 DESCRIPTION: Bytes is a utility library for working with bytes. From version 1.2.1 to before...

Security Bulletin: Multiple Vulnerabilities in IBM Edge Application Manager

Summary Multiple vulnerabilities were addressed in IBM Edge Application Manager 5.0.2 Vulnerability Details CVEID:CVE-2026-24842 DESCRIPTION: node-tar,a Tar for Node.js, contains a vulnerability in versions prior to 7.5.7 where the security check for hardlink entries uses different path resolutio...

Security Bulletin: IBM IBM Edge Data Collector uses azure_core-1.14.0-py2.py3-none-any.whl which is vulnerable to CVE-2026-21226.

Summary IBM IBM Edge Data Collector uses azurecore-1.14.0-py2.py3-none-any.whl which is vulnerable to CVE-2026-21226. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-21226 DESCRIPTION: Deserialization of untrusted data in Azure Core shared...