diff --git a/.trivyignore b/.trivyignore
new file mode 100644
index 000000000..a9ce49943
--- /dev/null
+++ b/.trivyignore
@@ -0,0 +1 @@
+CVE-2025-25193
diff --git a/changelog.md b/changelog.md
index 0cadcdfa7..510b5d831 100644
--- a/changelog.md
+++ b/changelog.md
@@ -4,6 +4,12 @@ This file contains all the notable changes done to the Ballerina HTTP package th
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+## [Unreleased]
+
+### Fixed
+
+- [Address Netty security vulnerabilities: `CVE-2025-24970` and `CVE-2025-25193`](https://github.com/ballerina-platform/ballerina-library/issues/7571)
+
 ## [2.12.4] - 2024-12-10
 ### Added
diff --git a/gradle.properties b/gradle.properties
index 61557e9e3..d786b35c7 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -4,8 +4,8 @@ version=2.12.5-SNAPSHOT
 ballerinaLangVersion=2201.10.0
 ballerinaTomlParserVersion=1.2.2
 commonsLang3Version=3.12.0
-nettyVersion=4.1.115.Final
-nettyTcnativeVersion=2.0.65.Final
+nettyVersion=4.1.118.Final
+nettyTcnativeVersion=2.0.70.Final
 bouncycastleVersion=1.78
 slf4jVersion=1.7.30
 jakartaXmlBindVersion=4.0.0
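Review bot: The new `.trivyignore` entry `CVE-2025-25193` is suppressed with no reason and no expiry, even though the same commit raises `nettyVersion` to 4.1.118.Final and the changelog lists that CVE as addressed. If the scanner still reports it after the upgrade (the cause is not visible in this diff), record why in a comment above the entry, e.g. `# Netty CVE-2025-25193: <reason the finding remains after 4.1.118.Final>`, and give the line an expiry such as `CVE-2025-25193 exp:<YYYY-MM-DD>` so the suppression is re-evaluated rather than permanent. A bare ID hides the finding wherever it matches, so a later regression to an affected Netty version would go unreported by the scan.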