From ed1e8036db884d3740918bb1b850878e3516a322 Mon Sep 17 00:00:00 2001
From: Deirdre Malone <dmalone@redhat.com>
Date: Mon, 15 Jun 2026 12:17:28 +0100
Subject: [PATCH] OCPBUGS-88392: CVE-2026-44487 bump axios to 1.16.0

---
 web/package-lock.json | 8 ++++----
 web/package.json      | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/web/package-lock.json b/web/package-lock.json
index c3bf8d289..8737fdec4 100644
--- a/web/package-lock.json
+++ b/web/package-lock.json
@@ -9469,12 +9469,12 @@
       "license": "MIT"
     },
     "node_modules/axios": {
-      "version": "1.15.0",
-      "resolved": "https://registry.npmjs.org/axios/-/axios-1.15.0.tgz",
-      "integrity": "sha512-wWyJDlAatxk30ZJer+GeCWS209sA42X+N5jU2jy6oHTp7ufw8uzUTVFBX9+wTfAlhiJXGS0Bq7X6efruWjuK9Q==",
+      "version": "1.16.0",
+      "resolved": "https://registry.npmjs.org/axios/-/axios-1.16.0.tgz",
+      "integrity": "sha512-6hp5CwvTPlN2A31g5dxnwAX0orzM7pmCRDLnZSX772mv8WDqICwFjowHuPs04Mc8deIld1+ejhtaMn5vp6b+1w==",
       "license": "MIT",
       "dependencies": {
-        "follow-redirects": "^1.15.11",
+        "follow-redirects": "^1.16.0",
         "form-data": "^4.0.5",
         "proxy-from-env": "^2.1.0"
       }
diff --git a/web/package.json b/web/package.json
index 811f438b3..1e619da58 100644
--- a/web/package.json
+++ b/web/package.json
@@ -175,7 +175,7 @@
   "overrides": {
     "echarts": "^5.6.0",
     "qs": "^6.14.1",
-    "axios": "1.15.0",
+    "axios": "^1.16.0",
     "follow-redirects": "^1.16.0",
     "koa": "^3.1.2",
     "sass": {