Visit NES for Hazelcast Home Page
Hazelcast 5.1.x Release Notes
2 versions
Comprehensive release notes and changelog for Hazelcast 5.1.x, including security patches, bug fixes, and feature updates across all supported versions.
July 2026
5.1.9
Released Jul 16, 2026 Full Version:
5.1.7-hazelcast-5.1.9
Security Fixes
- Missing permission checks on some Hazelcast client protocol operations (CVE-2023-45859)
- Inadequate permission checking in the SQL mapping for the CSV File Source connector (CVE-2023-45860)
Dependency Updates
- Bundled (shaded) Jackson rebuilt on Jackson (NES)
2.15.4-jackson-bom-2.15.6, which includes the jackson-core fix for GHSA-72hv-8253-57qq (Number Length Constraint Bypass in Async Parser) - Bundled (shaded) JSON-java (org.json) rebuilt on JSON-java (NES)
20230227.0.0-jsonjava-20230227.0.2, which includes the fix for CVE-2023-5072 (denial of service via crafted JSON with deeply nested object keys)
5.1.8
Released Jul 15, 2026 Full Version:
5.1.7-hazelcast-5.1.8
Dependency Updates
- Bundled (shaded) Jackson rebuilt on Jackson (NES)
2.15.4-jackson-bom-2.15.5 - Bundled (shaded) JSON-java (org.json) rebuilt on JSON-java (NES)
20230227.0.0-jsonjava-20230227.0.1
Notes
- This release originates from the open-source Hazelcast project forked by HeroDevs. It encompasses modifications implemented by HeroDevs to ensure successful framework builds.
Stay in the loop
~/herodevs-spring-framework-support
herodevs@nes:open-source$ ./display-support-info.sh