diff --git a/dependencyCheckSuppression.xml b/dependencyCheckSuppression.xml
index 84bd7efb39..4ff8e59363 100644
--- a/dependencyCheckSuppression.xml
+++ b/dependencyCheckSuppression.xml
@@ -319,17 +319,122 @@
-->
+ file name: mcp-spring-webmvc-2.0.0-M3.jar
+ ]]>
^pkg:maven/org\.springframework\.ai/mcp-spring-webmvc@.*$
cpe:/a:vmware:server
+ file name: mcp-spring-webmvc-2.0.0-M3.jar
+ ]]>
^pkg:maven/org\.springframework\.ai/mcp-spring-webmvc@.*$
cpe:/a:vmware:vmware_server
+
+
+
+ ^pkg:maven/com\.microsoft\.kiota/microsoft-kiota-abstractions@.*$
+ CVE-2026-41134
+
+
+
+ ^pkg:maven/com\.microsoft\.kiota/microsoft-kiota-authentication-azure@.*$
+ CVE-2026-41134
+
+
+
+ ^pkg:maven/com\.microsoft\.kiota/microsoft-kiota-http-okHttp@.*$
+ CVE-2026-41134
+
+
+
+ ^pkg:maven/com\.microsoft\.kiota/microsoft-kiota-serialization-form@.*$
+ CVE-2026-41134
+
+
+
+ ^pkg:maven/com\.microsoft\.kiota/microsoft-kiota-serialization-json@.*$
+ CVE-2026-41134
+
+
+
+ ^pkg:maven/com\.microsoft\.kiota/microsoft-kiota-serialization-multipart@.*$
+ CVE-2026-41134
+
+
+
+ ^pkg:maven/com\.microsoft\.kiota/microsoft-kiota-serialization-text@.*$
+ CVE-2026-41134
+
+
+
+
+
+ ^pkg:maven/com\.networknt/json-schema-validator@.*$
+ CVE-2025-15104
+
+
+
+
+
+ ^pkg:maven/com\.azure/azure-core@.*$
+ CVE-2026-33117
+
+
+
+ ^pkg:maven/com\.azure/azure-core-http-netty@.*$
+ cpe:/a:microsoft:azure_sdk_for_java
+
+
+
+ ^pkg:maven/com\.azure/azure-identity@.*$
+ cpe:/a:microsoft:azure_identity_sdk
+
+
+
+ ^pkg:maven/com\.azure/azure-identity@.*$
+ cpe:/a:microsoft:azure_sdk_for_java
+
+
+
+ ^pkg:maven/com\.azure/azure-json@.*$
+ cpe:/a:microsoft:azure_sdk_for_java
+
diff --git a/gradle.properties b/gradle.properties
index 9d618308c4..7a7c5bcdc3 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -105,7 +105,7 @@ apacheTomcatVersion=11.0.22
asmVersion=9.9.1
# Microsoft library for sending OAuth2-authenticated notification emails via the Microsoft Graph API
-azureIdentityVersion=1.18.2
+azureIdentityVersion=1.18.3
# Apache Batik -- Batik version needs to be compatible with Apache FOP, but we need to pull in batik-codec separately
batikVersion=1.19