diff --git a/.cra/.cveignore b/.cra/.cveignore
index 81b5e2d9b5..914ced81d7 100644
--- a/.cra/.cveignore
+++ b/.cra/.cveignore
@@ -68,5 +68,10 @@
     "cve": "CVE-2025-48924",
     "alwaysOmit": true,
     "comment": "testing"
+  },
+  {
+    "cve": "CVE-2025-67030",
+    "alwaysOmit": true,
+    "comment": "gradle check"
   }
-]
\ No newline at end of file
+]
diff --git a/clustered/osgi-test/build.gradle b/clustered/osgi-test/build.gradle
index 5d0e729833..4f169a1fa3 100644
--- a/clustered/osgi-test/build.gradle
+++ b/clustered/osgi-test/build.gradle
@@ -66,6 +66,9 @@ configurations.all {
         .using(module('org.ops4j.pax.url:pax-url-link:2.6.11'))
       substitute(module('org.ops4j.pax.url:pax-url-aether:2.6.8'))
         .using(module('org.ops4j.pax.url:pax-url-aether:3.0.2'))
+      substitute(module('org.codehaus.plexus:plexus-utils:3.6.0'))
+        .using(module('org.codehaus.plexus:plexus-utils:3.6.1'))
+        .because('CVE-2025-67030')
       substitute(module('org.apache.commons:commons-lang3:3.12.0'))
         .using(module('org.apache.commons:commons-lang3:3.18.0'))
         .because('CVE-2025-48924')
diff --git a/demos/build.gradle b/demos/build.gradle
index 2c4c8d8d8c..424a7c3c9d 100644
--- a/demos/build.gradle
+++ b/demos/build.gradle
@@ -3,7 +3,7 @@ plugins {
   id 'org.ehcache.build.conventions.war' apply false
 }
 
-def jettyVersion = '12.1.5'
+def jettyVersion = '12.1.8'
 
 dependencies {
   api platform("org.eclipse.jetty:jetty-bom:${jettyVersion}")
diff --git a/gradle.properties b/gradle.properties
index 78ec1c5a8a..486b8d45c8 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -9,8 +9,8 @@ slf4jVersion = 2.0.17
 sizeofVersion = 0.4.4
 
 # Terracotta clustered
-terracottaPlatformVersion = 5.11.7
-terracottaCoreVersion = 5.12.18
+terracottaPlatformVersion = 5.11.9
+terracottaCoreVersion = 5.12.22
 terracottaUtilitiesVersion = 0.0.19
 
 # Test lib versions
diff --git a/osgi-test/build.gradle b/osgi-test/build.gradle
index 418d355a71..6f8622a622 100644
--- a/osgi-test/build.gradle
+++ b/osgi-test/build.gradle
@@ -80,6 +80,9 @@ configurations.all {
         .using(module('org.ops4j.pax.url:pax-url-link:2.6.11'))
       substitute(module('org.ops4j.pax.url:pax-url-aether:2.6.8'))
         .using(module('org.ops4j.pax.url:pax-url-aether:3.0.2'))
+      substitute(module('org.codehaus.plexus:plexus-utils:3.6.0'))
+        .using(module('org.codehaus.plexus:plexus-utils:3.6.1'))
+        .because('CVE-2025-67030')
       substitute(module('org.apache.commons:commons-lang3:3.12.0'))
         .using(module('org.apache.commons:commons-lang3:3.18.0'))
         .because('CVE-2025-48924')