vaadin/platform 24.10.6

Vaadin 24.10.6

on GitHub

This is a maintenance release for Vaadin 24.10. See 24.10.0 release notes for details and resources.

Changelogs

• Flow (24.10.5) and Hilla (24.10.5)
• Design System
  • Web Components (24.10.3)
  • Flow Components (24.10.6)
• TestBench (9.6.0)
• Feature Pack(24.8.5)
• Modernization Toolkit (Documentation)
  • Feature Pack (Documentation)
  • Dragonfly (Documentation)
  • Modernization Toolkit Analyzer (Analyzer for Eclipse, Analyzer for Maven)
• Multiplatform Runtime (MPR) (7.1.0-alpha1)
• Router (2.0.1)
• Vaadin Kits
  • AppSec Kit (3.4.3)
  • Azure Kit (1.0.0)
  • Collaboration Engine (6.6.0)
  • Control Center (1.4.6)
  • Copilot (24.10.5)
  • Kubernetes Kit (2.6.0)
  • Observability Kit (3.2.1)
  • SSO Kit (3.2.4)
  • Swing Kit (2.4.2)

Official add-ons and plugins:

• Spring add-on (24.10.5)
• CDI add-on (15.2.2)
• Maven plugin (24.10.6)
• Gradle plugin (24.10.6)
• Quarkus plugin (2.2.4)

Note:

We are aware of the following CVEs (CVE-2026-43515, CVE-2026-43513, CVE-2026-43514, CVE-2026-42498, CVE-2026-41284, CVE-2026-43512, CVE-2026-41293) from Tomcat, which is a transitive dependency from SpringBoot 4.0.5. Tomcat is a runtime deployment choice made by application developers, which Vaadin does not use or depend on. You can be upgraded on the application side to Tomcat 9.0.118+, 10.1.55+ or 11.0.22+. The corresponding updates will come in their next releases (SpringBoot 3.5.15).