diff --git a/requirements/base.in b/requirements/base.in
index 0dd81d12..c5a6a49d 100644
--- a/requirements/base.in
+++ b/requirements/base.in
@@ -1,4 +1,4 @@
-open-api-framework
+git+https://github.com/maykinmedia/open-api-framework.git@issue/93-security-patches
 
 # Core python libraries
 glom # data represenation based on spec
diff --git a/requirements/base.txt b/requirements/base.txt
index 47cb62e8..1497dcd4 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -74,7 +74,7 @@ cryptography==42.0.4
     #   mozilla-django-oidc
     #   pyopenssl
     #   webauthn
-django==4.2.15
+django==4.2.17
     # via
     #   commonground-api-common
     #   django-admin-index
@@ -228,7 +228,7 @@ isodate==0.6.0
     # via commonground-api-common
 itypes==1.2.0
     # via coreapi
-jinja2==3.1.4
+jinja2==3.1.5
     # via coreschema
 josepy==1.9.0
     # via mozilla-django-oidc
@@ -252,7 +252,7 @@ notifications-api-common[setup-configuration]==0.4.0
     # via
     #   -r requirements/base.in
     #   commonground-api-common
-open-api-framework==0.9.1
+open-api-framework @ git+https://github.com/maykinmedia/open-api-framework.git@issue/93-security-patches
     # via -r requirements/base.in
 orderedmultidict==1.0.1
     # via furl
@@ -337,7 +337,7 @@ six==1.16.0
     #   qrcode
 sqlparse==0.5.0
     # via django
-tornado==6.4.1
+tornado==6.4.2
     # via flower
 typing-extensions==4.9.0
     # via
diff --git a/requirements/ci.txt b/requirements/ci.txt
index af40972f..45a993f2 100644
--- a/requirements/ci.txt
+++ b/requirements/ci.txt
@@ -129,7 +129,7 @@ cryptography==42.0.4
     #   webauthn
 cssselect==1.1.0
     # via pyquery
-django==4.2.15
+django==4.2.17
     # via
     #   -r requirements/base.txt
     #   commonground-api-common
@@ -381,7 +381,7 @@ itypes==1.2.0
     # via
     #   -r requirements/base.txt
     #   coreapi
-jinja2==3.1.4
+jinja2==3.1.5
     # via
     #   -r requirements/base.txt
     #   coreschema
@@ -426,7 +426,7 @@ notifications-api-common[setup-configuration]==0.4.0
     # via
     #   -r requirements/base.txt
     #   commonground-api-common
-open-api-framework==0.9.1
+open-api-framework @ git+https://github.com/maykinmedia/open-api-framework.git@issue/93-security-patches
     # via -r requirements/base.txt
 orderedmultidict==1.0.1
     # via
@@ -617,7 +617,7 @@ tblib==1.7.0
     # via -r requirements/test-tools.in
 text-unidecode==1.3
     # via faker
-tornado==6.4.1
+tornado==6.4.2
     # via
     #   -r requirements/base.txt
     #   flower
@@ -656,7 +656,7 @@ vine==5.1.0
     #   amqp
     #   celery
     #   kombu
-waitress==2.1.2
+waitress==3.0.1
     # via webtest
 wcwidth==0.2.13
     # via
diff --git a/requirements/dev.txt b/requirements/dev.txt
index 8adf6677..450c805e 100644
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -132,7 +132,7 @@ cryptography==42.0.4
     #   webauthn
 cssselect==1.1.0
     # via pyquery
-django==4.2.15
+django==4.2.17
     # via
     #   -r requirements/base.txt
     #   commonground-api-common
@@ -388,7 +388,7 @@ itypes==1.2.0
     # via
     #   -r requirements/base.txt
     #   coreapi
-jinja2==3.1.4
+jinja2==3.1.5
     # via
     #   -r requirements/base.txt
     #   coreschema
@@ -433,7 +433,7 @@ notifications-api-common[setup-configuration]==0.4.0
     # via
     #   -r requirements/base.txt
     #   commonground-api-common
-open-api-framework==0.9.1
+open-api-framework @ git+https://github.com/maykinmedia/open-api-framework.git@issue/93-security-patches
     # via -r requirements/base.txt
 orderedmultidict==1.0.1
     # via
@@ -627,7 +627,7 @@ tblib==1.7.0
     # via -r requirements/test-tools.in
 text-unidecode==1.3
     # via faker
-tornado==6.4.1
+tornado==6.4.2
     # via
     #   -r requirements/base.txt
     #   flower
@@ -666,7 +666,7 @@ vine==5.1.0
     #   amqp
     #   celery
     #   kombu
-waitress==2.1.2
+waitress==3.0.1
     # via webtest
 wcwidth==0.2.13
     # via