diff --git a/CHANGES.rst b/CHANGES.rst
index b6e8f312..61f0c60a 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -9,6 +9,7 @@ Changes
 
 Features / Changes
 ~~~~~~~~~~~~~~~~~~~~~
+* Pin ``urllib3>=2.2.2`` to address CVE-2024-37891.
 * Pin ``gunicorn>=22`` to address CVE-2024-1135.
 * Pin Docker base to ``python:3.11-alpine3.19`` for various security fixes.
 * Update ``magpie==4.0.0`` for corresponding fixes
diff --git a/requirements.txt b/requirements.txt
index 96b9c34d..c5ab06b0 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -21,5 +21,6 @@ schema
 simplejson
 threddsclient==0.4.4
 typing_extensions
+urllib3>=2.2.2
 watchdog>=4
 webob