diff --git a/.deny.toml b/.deny.toml
index 28af0204d..8a379fa55 100644
--- a/.deny.toml
+++ b/.deny.toml
@@ -7,6 +7,9 @@ db-urls = ["https://github.com/rustsec/advisory-db"]
 ignore = [
   # pyoxidizer is stuck on an old ring version
   "RUSTSEC-2025-0009",
+  "RUSTSEC-2025-0010",
+  # burn depends on an unmaintained package 'paste'
+  "RUSTSEC-2024-0436",
 ]
 
 [licenses]
diff --git a/Cargo.lock b/Cargo.lock
index f95c5c700..43ba771aa 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1288,9 +1288,9 @@ dependencies = [
 
 [[package]]
 name = "crossbeam-channel"
-version = "0.5.13"
+version = "0.5.15"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "33480d6946193aa8033910124896ca395333cae7e2d1113d1fef6c3272217df2"
+checksum = "82b8f8f868b36967f9606790d1903570de9ceaf870a7bf9fbbd3016d636a2cb2"
 dependencies = [
  "crossbeam-utils",
 ]
@@ -3377,7 +3377,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "4979f22fdb869068da03c9f7528f8297c6fd2606bc3a4affe42e6a823fdb8da4"
 dependencies = [
  "cfg-if",
- "windows-targets 0.52.6",
+ "windows-targets 0.48.5",
 ]
 
 [[package]]
@@ -6202,9 +6202,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20"
 
 [[package]]
 name = "tokio"
-version = "1.40.0"
+version = "1.44.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e2b070231665d27ad9ec9b8df639893f46727666c6767db40317fbe920a5d998"
+checksum = "e6b88822cbe49de4185e3a4cbf8321dd487cf5fe0c5c65695fef6346371e9c48"
 dependencies = [
  "backtrace",
  "bytes",
@@ -6219,9 +6219,9 @@ dependencies = [
 
 [[package]]
 name = "tokio-macros"
-version = "2.4.0"
+version = "2.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "693d596312e88961bc67d7f1f97af8a70227d9f90c31bba5806eec004978d752"
+checksum = "6e06d43f1345a3bcd39f6a56dbb7dcab2ba47e68e8ac134855e7e2bdbaf8cab8"
 dependencies = [
  "proc-macro2",
  "quote",
diff --git a/cargo/licenses.json b/cargo/licenses.json
index ca3eacd6a..16bc32fac 100644
--- a/cargo/licenses.json
+++ b/cargo/licenses.json
@@ -757,7 +757,7 @@
   },
   {
     "name": "crossbeam-channel",
-    "version": "0.5.13",
+    "version": "0.5.15",
     "authors": null,
     "repository": "https://github.com/crossbeam-rs/crossbeam",
     "license": "Apache-2.0 OR MIT",
@@ -4087,7 +4087,7 @@
   },
   {
     "name": "tokio",
-    "version": "1.40.0",
+    "version": "1.44.2",
     "authors": "Tokio Contributors <team@tokio.rs>",
     "repository": "https://github.com/tokio-rs/tokio",
     "license": "MIT",
@@ -4096,7 +4096,7 @@
   },
   {
     "name": "tokio-macros",
-    "version": "2.4.0",
+    "version": "2.5.0",
     "authors": "Tokio Contributors <team@tokio.rs>",
     "repository": "https://github.com/tokio-rs/tokio",
     "license": "MIT",
diff --git a/tools/minilints/src/main.rs b/tools/minilints/src/main.rs
index 811f37b2b..dfe9bef89 100644
--- a/tools/minilints/src/main.rs
+++ b/tools/minilints/src/main.rs
@@ -209,7 +209,7 @@ fn sveltekit_temp_file(path: &str) -> bool {
 }
 
 fn check_cargo_deny() -> Result<()> {
-    Command::run("cargo install cargo-deny@0.14.24")?;
+    Command::run("cargo install cargo-deny@0.18.2")?;
     Command::run("cargo deny check")?;
     Ok(())
 }