- [fix][sec] Upgrade BouncyCastle to 1.84 (CVE-2026-5588, CVE-2026-0636) (#25569)
- [fix][sec] Upgrade to Netty 4.1.132.Final to address CVEs (#25399)
- [fix][sec] Upgrade log4j to 2.25.4 to address CVE-2026-34477, CVE-2026-34478, CVE-2026-34480, CVE-2026-34481
- [fix][client] Fix thread-safety and refactor MessageCryptoBc key management (#25400)
- [improve][common] Optimize TopicName.get() to reduce lock contention on cache lookup (#25367)
- [improve][broker] Improve the performance of TopicName constructor (#24463)