diff --git a/sonarqube.yaml b/sonarqube.yaml index 54f7c027ba1..f1f110d9a5a 100644 --- a/sonarqube.yaml +++ b/sonarqube.yaml @@ -1,7 +1,7 @@ package: name: sonarqube - version: "25.12.0.117093" - epoch: 2 # GHSA-qf7c-7r9h-mm92, GHSA-vc5p-v9hr-52mj + version: "26.1.0.118079" + epoch: 0 # GHSA-qf7c-7r9h-mm92, GHSA-vc5p-v9hr-52mj description: SonarQube is an open source platform for continuous inspection of code quality (Community Build) copyright: - license: LGPL-3.0-or-later @@ -22,12 +22,12 @@ environment: - ca-certificates-bundle - nodejs-18 - npm - - openjdk-17-default-jdk + - openjdk-21-default-jdk - yarn - zstd-dev environment: LANG: en_US.UTF-8 - JAVA_HOME: /usr/lib/jvm/java-17-openjdk + JAVA_HOME: /usr/lib/jvm/java-21-openjdk var-transforms: - from: ${{package.version}} @@ -40,9 +40,7 @@ pipeline: with: repository: https://github.com/SonarSource/sonarqube tag: ${{package.version}} - expected-commit: bd7a1254715e0df950e61d05c9a07cb1ba42552b - cherry-picks: | - master/c6894b30d37bcfb0d093a3bffb8a31744ca2b489: GHSA-m9gh-789g-q5pv + expected-commit: 0695ca177c73c89db330c94682e80d42d697336c - name: Bump elasticsearch to 8.19.9 to remediate GHSA-qf7c-7r9h-mm92 and GHSA-vc5p-v9hr-52mj runs: | @@ -137,7 +135,7 @@ test: permissions: 0o770 contents: packages: - - openjdk-17-default-jvm + - openjdk-21-default-jvm - bash environment: SONAR_JAVA_PATH: /usr/bin/java
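Review bot: The move to JDK 21 is only visible for the build environment (`openjdk-21-default-jdk`, `JAVA_HOME: /usr/lib/jvm/java-21-openjdk`) and, in the last hunk, for the test image (`openjdk-21-default-jvm`). The package's runtime dependencies are outside these hunks. If they still name an openjdk-17 JVM, the test would pass on 21 while installed images run on 17, so the runtime dependency list should be checked and aligned in this same change. Separately, the unchanged `nodejs-18` build dependency is a Node.js line that is past upstream end-of-life and is worth a follow-up.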
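Review bot: Dropping the `cherry-picks` entry for GHSA-m9gh-789g-q5pv in the git-checkout step leaves no record that tag 26.1.0.118079 already contains upstream commit c6894b30d37bcfb0d093a3bffb8a31744ca2b489. That should be verified against the new `expected-commit` before merging, because otherwise the advisory silently reopens. Once verified, a short comment such as `# GHSA-m9gh-789g-q5pv: fix included upstream as of this tag` above `expected-commit` would record it. The next step still pins elasticsearch to 8.19.9 for GHSA-qf7c-7r9h-mm92 and GHSA-vc5p-v9hr-52mj, but its body lies outside the hunk. Confirm the pin is still needed and does not lower the elasticsearch version that the new release ships.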