
Spring Data 2025.1.6 and 2025.0.12 released

Service releases 2025.1.5 and 2025.0.11 are now available. They incorporate dependency upgrades and selected improvements and, crucially, address numerous CVEs, including denial-of-service issues in property path resolution and data binding and potential SpEL injection risks in various Spring Data modules. Specific fixes target the MongoDB, Relational, KeyValue, and REST components; Spring Data REST is also patched for JSON Patch bypasses and exposure of internal data. Upcoming Spring Boot releases will integrate these updates within the next week. The releases include updated versions of Spring Data Commons, JPA, MongoDB, Cassandra, and more, with specific version numbers provided for both the 2025.1 and 2025.0 lines. Links to Javadoc, documentation, and changelogs are available for each module.