diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8fbc8c8ff2..3114cf368b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,7 @@
     - Added warning about using plain HTTP OAuth endpoints (snowflakedb/snowflake-jdbc#2556).
     - Fix initializing ObjectMapper when DATE_OUTPUT_FORMAT is specified (snowflakedb/snowflake-jdbc#2545).
     - Fix Netty native library conflict in thin JAR (snowflakedb/snowflake-jdbc#2559)
+    - Bumped netty to 4.1.132.Final to address CVE-2026-33870 (High) and CVE-2026-33871 (High) (snowflakedb/snowflake-jdbc#2561)
 
 - v4.0.2
     - Fix expired session token renewal when polling results (snowflakedb/snowflake-jdbc#2489)   
diff --git a/TestOnly/pom.xml b/TestOnly/pom.xml
index fab48d672b..40a85f45a2 100644
--- a/TestOnly/pom.xml
+++ b/TestOnly/pom.xml
@@ -21,7 +21,7 @@
     <junit.version>5.11.1</junit.version>
     <surefire.version>3.5.1</surefire.version>
     <mockito.version>3.5.6</mockito.version>
-    <netty.version>4.1.130.Final</netty.version>
+    <netty.version>4.1.132.Final</netty.version>
     <apache.httpclient.version>4.5.14</apache.httpclient.version>
     <bouncycastle.version>1.82</bouncycastle.version>
     <shadeBase>net.snowflake.client.jdbc.internal</shadeBase>
diff --git a/parent-pom.xml b/parent-pom.xml
index 1d4addb1f2..65f20a44e3 100644
--- a/parent-pom.xml
+++ b/parent-pom.xml
@@ -14,6 +14,7 @@
   </modules>
 
   <properties>
+    <animal.sniffer.annotations.version>1.26</animal.sniffer.annotations.version>
     <apache.commons.compress.version>1.28.0</apache.commons.compress.version>
     <apache.commons.lang3.version>3.18.0</apache.commons.lang3.version>
     <apache.commons.text.version>1.10.0</apache.commons.text.version>
@@ -55,7 +56,7 @@
     <google.j2objc-annotations.version>3.0.0</google.j2objc-annotations.version>
     <google.jsr305.version>3.0.2</google.jsr305.version>
     <google.protobuf.java.version>4.28.2</google.protobuf.java.version>
-    <grpc.version>1.77.0</grpc.version>
+    <grpc.version>1.80.0</grpc.version>
     <hamcrest.version>2.2</hamcrest.version>
     <hikaricp.version>2.4.3</hikaricp.version>
     <jackson.version>2.18.4.1</jackson.version>
@@ -70,7 +71,7 @@
     <logback.version>1.3.6</logback.version>
     <mockito.version>4.11.0</mockito.version>
     <nimbusds.oauth2.version>11.30.1</nimbusds.oauth2.version>
-    <netty.version>4.1.130.Final</netty.version>
+    <netty.version>4.1.132.Final</netty.version>
     <nimbusds.version>10.6</nimbusds.version>
     <opencensus.version>0.31.1</opencensus.version>
     <plexus.container.version>1.0-alpha-9-stable-1</plexus.container.version>
@@ -151,6 +152,11 @@
         <type>pom</type>
         <scope>import</scope>
       </dependency>
+      <dependency>
+        <groupId>org.codehaus.mojo</groupId>
+        <artifactId>animal-sniffer-annotations</artifactId>
+        <version>${animal.sniffer.annotations.version}</version>
+      </dependency>
       <dependency>
         <groupId>classworlds</groupId>
         <artifactId>classworlds</artifactId>
diff --git a/thin_public_pom.xml b/thin_public_pom.xml
index e374cc570b..87b0bc2838 100644
--- a/thin_public_pom.xml
+++ b/thin_public_pom.xml
@@ -33,6 +33,7 @@
   </scm>
 
   <properties>
+    <animal.sniffer.annotations.version>1.26</animal.sniffer.annotations.version>
     <apache.httpclient.version>4.5.14</apache.httpclient.version>
     <apache.httpcore.version>4.4.16</apache.httpcore.version>
     <awssdk.version>2.37.5</awssdk.version>
@@ -53,14 +54,14 @@
     <google.http.client.version>1.45.0</google.http.client.version>
     <google.jsr305.version>3.0.2</google.jsr305.version>
     <google.protobuf.java.version>4.28.2</google.protobuf.java.version>
-    <grpc.version>1.77.0</grpc.version>
+    <grpc.version>1.80.0</grpc.version>
     <jackson.version>2.18.4.1</jackson.version>
     <javax.servlet.version>3.1.0</javax.servlet.version>
     <jna.version>5.13.0</jna.version>
     <json.smart.version>2.5.2</json.smart.version>
     <jsoup.version>1.15.3</jsoup.version>
     <metrics.version>2.2.0</metrics.version>
-    <netty.version>4.1.130.Final</netty.version>
+    <netty.version>4.1.132.Final</netty.version>
     <nimbusds.version>10.6</nimbusds.version>
     <nimbusds.oauth2.version>11.30.1</nimbusds.oauth2.version>
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
@@ -106,6 +107,11 @@
         <type>pom</type>
         <scope>import</scope>
       </dependency>
+      <dependency>
+        <groupId>org.codehaus.mojo</groupId>
+        <artifactId>animal-sniffer-annotations</artifactId>
+        <version>${animal.sniffer.annotations.version}</version>
+      </dependency>
     </dependencies>
   </dependencyManagement>