Download Latest Version
ThingsBoard 4.3.1.2 Release source code.tar.gz (23.4 MB)
Get an email when there's a new version of ThingsBoard
| Name | Modified | Size | Downloads / Week |
|---|---|---|---|
| Parent folder | |||
| thingsboard-4.2.2.2.deb | 2026-05-27 | 353.8 MB | |
| thingsboard-4.2.2.2.rpm | 2026-05-27 | 353.5 MB | |
| thingsboard-windows-4.2.2.2.zip | 2026-05-27 | 355.0 MB | |
| README.md | 2026-05-27 | 5.2 kB | |
| ThingsBoard 4.2.2.2 Release source code.tar.gz | 2026-05-27 | 22.7 MB | |
| ThingsBoard 4.2.2.2 Release source code.zip | 2026-05-27 | 32.3 MB | |
| Totals: 6 Items | 1.1 GB | 1 | |
What's Changed
Security
- Fixed CWE-770 in Jackson Core by @zzzeebra in https://github.com/thingsboard/thingsboard/pull/15368
- Fixed CVE-2026-34487, CVE-2026-34486, CVE-2026-34483 by @zzzeebra in https://github.com/thingsboard/thingsboard/pull/15417
- Fixed CVE-2025-70340: system alarm comments access control by @dashevchenko in https://github.com/thingsboard/thingsboard/pull/15377
- Fixed multiple CVEs: 2026-39364, 2026-39363, 2026-4800 by @vvlladd28 in https://github.com/thingsboard/thingsboard/pull/15466
- Fixed CVE-2026-40895 by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15538
- Fixed CVE-2026-5588, CVE-2026-5598, CVE-2025-14813, CVE-2026-35554, CVE-2026-27314 by @zzzeebra in https://github.com/thingsboard/thingsboard/pull/15458
- Fixed CVE-2026-40975, CVE-2026-40973, CVE-2026-22740, CVE-2026-42198 by @zzzeebra in https://github.com/thingsboard/thingsboard/pull/15557
- Fixed SSRF vulnerability in AI model provider URLs by @zzzeebra in https://github.com/thingsboard/thingsboard/pull/15412
- Fixed SSRF and file access vulnerabilities in TBEL script sandbox by @zzzeebra in https://github.com/thingsboard/thingsboard/pull/15585
- Fixed CVE-2026-40682, CVE-2026-42027 by @zzzeebra in https://github.com/thingsboard/thingsboard/pull/15588
- Fixed CVE-2026-42579, CVE-2026-42583, CVE-2026-42584, CVE-2026-42587 by @ViacheslavKlimov in https://github.com/thingsboard/thingsboard/pull/15598
- Hardened remote JS executor script invocation by @smatvienko-tb in https://github.com/thingsboard/thingsboard/pull/15600
- Fixed CVE-2026-41284, CVE-2026-43512 by @ViacheslavKlimov in https://github.com/thingsboard/thingsboard/pull/15649
Core & Rule Engine
- Performance and reliability improvements for Efento message processing by @dashevchenko in https://github.com/thingsboard/thingsboard/pull/15333
- Exposed HTTP response compression configuration params by @dashevchenko in https://github.com/thingsboard/thingsboard/pull/15520
- LZ4 compression support for Kafka by @volodymyr-babak in https://github.com/thingsboard/thingsboard/pull/15565
- Fixed WS sessions limit handling for public users by @dashevchenko in https://github.com/thingsboard/thingsboard/pull/15313
- Fixed REST API Call node blocking actor thread and semaphore permit leak by @smatvienko-tb in https://github.com/thingsboard/thingsboard/pull/15334
- Fixed entity filtering by boolean data key for EDQS by @dashevchenko in https://github.com/thingsboard/thingsboard/pull/15457
- Fixed MAX aggregation for mixed double and long telemetry values by @dashevchenko in https://github.com/thingsboard/thingsboard/pull/15560
- Added config property to control null ordering in dashboards by @dashevchenko in https://github.com/thingsboard/thingsboard/pull/15425
UI
- Bumped Node.js version from 22.18.0 to 22.22.2 by @ViacheslavKlimov in https://github.com/thingsboard/thingsboard/pull/15330
- HTML container widget by @ikulikov in https://github.com/thingsboard/thingsboard/pull/15556
- Hidden "Add Telemetry" button for Entity view by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15362
- Added '@angular/core/rxjs-interop' to modules map by @vvlladd28 in https://github.com/thingsboard/thingsboard/pull/15373
- Fixed select options being clipped in widget settings form by @vvlladd28 in https://github.com/thingsboard/thingsboard/pull/15399
- Fixed display long texts in Alarm asignee panel by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15408
- Fixed Alarm Assignee icon placement by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15423
- Adjusted size of entity type select to fit error message by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15427
- Fixed show/hide of custom header actions when using function to control visibility by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15430
- Fixed not set pageSize to child nodes in Entities hierarchy widget by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15433
- Fixed not process aggregation keys in Entities hierarchy widget by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15434
- Fixed map shape labels drifting from center after viewport resize by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15531
- Fixed CSV import not unescaping double quotes in unquoted fields by @ChantsovaEkaterina in https://github.com/thingsboard/thingsboard/pull/15581
Transport
- Added automatic SSL/TLS certificate reload for transports without service restart by @AndriiLandiak in https://github.com/thingsboard/thingsboard/pull/15301
- Fixed app hanging on MQTT port conflict at startup by @zzzeebra in https://github.com/thingsboard/thingsboard/pull/15451
- SNMP: defer querying tasks until transport session is registered by @volodymyr-babak in https://github.com/thingsboard/thingsboard/pull/15346
Full Changelog: https://github.com/thingsboard/thingsboard/compare/v4.2.2.1...v4.2.2.2
