vaadin/platform 25.1.6

Vaadin 25.1.6

on GitHub

This is a maintenance release for Vaadin 25.1. See 25.1.0 release notes for details and resources.

Changelogs

• Flow (25.1.7) and Hilla (25.1.5)
• Design System
  • Web Components (25.1.3)
  • Flow Components (25.1.6)
• TestBench (10.1.2)
• Browserless Test(1.0.0)
• Feature Pack(25.0.0)
• Modernization Toolkit (Documentation)
  • Feature Pack (Documentation)
  • Dragonfly (Documentation)
  • Modernization Toolkit Analyzer (Analyzer for Eclipse, Analyzer for Maven)
• Multiplatform Runtime (MPR) (8.0.1)
• Router (2.0.1)
• Vaadin Kits
  • AppSec Kit (4.0.2)
  • Azure Kit (1.0.0)
  • Collaboration Engine (7.0.0)
  • Copilot (25.1.5)
  • Kubernetes Kit (3.1.1)
  • Observability Kit (4.1.1)
  • SSO Kit (4.1.2)
  • Swing Kit (3.0.1)

Official add-ons and plugins:

• Spring add-on (25.1.7)
• CDI add-on (16.0.1)
• Maven plugin (25.1.6)
• Gradle plugin (25.1.6)
• Quarkus plugin (3.1.2)

Note:

We are aware of the following CVEs (CVE-2026-43515, CVE-2026-43513, CVE-2026-43514, CVE-2026-42498, CVE-2026-41284, CVE-2026-43512, CVE-2026-41293) from Tomcat, which is a transitive dependency from SpringBoot 4.0.6. Tomcat is a runtime deployment choice made by application developers, which Vaadin does not use or depend on. You can be upgraded on the application side to Tomcat 9.0.118+, 10.1.55+ or 11.0.22+. The corresponding updates will come in their next releases (SpringBoot 4.0.7).