diff --git a/.trivyignore b/.trivyignore
new file mode 100644
index 00000000..a9ce4994
--- /dev/null
+++ b/.trivyignore
@@ -0,0 +1 @@
+CVE-2025-25193
diff --git a/changelog.md b/changelog.md
index 67749f06..8ccc7e10 100644
--- a/changelog.md
+++ b/changelog.md
@@ -3,6 +3,12 @@ This file contains all the notable changes done to the Ballerina UDP package thr
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [Unreleased]
+
+### Fixed
+
+- [Address Netty security vulnerabilities: `CVE-2025-24970` and `CVE-2025-25193`](https://github.com/ballerina-platform/ballerina-library/issues/7571)
+
 ## [1.11.1] - 2024-11-19
 
 ### Fixed
diff --git a/gradle.properties b/gradle.properties
index 735f4a98..ce0efde2 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -8,7 +8,7 @@ githubJohnrengelmanShadowVersion=8.1.1
 checkstyleToolVersion=7.8.2
 githubSpotbugsVersion=5.0.14
 testngVersion=7.6.1
-nettyVersion=4.1.115.Final
+nettyVersion=4.1.118.Final
 underCouchDownloadVersion=5.4.0
 researchgateReleaseVersion=2.8.0
 slf4jVersion=1.7.30