diff --git a/CHANGELOG.md b/CHANGELOG.md
index 59bd8831f7..5f52cd35e9 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -43,6 +43,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 ### Fixed
 - [BUG] JarHell caused by latest software.amazon.awssdk 2.20.141 ([#616](https://github.com/opensearch-project/opensearch-java/pull/616))
 - Don't over-allocate in HeapBufferedAsyncEntityConsumer in order to consume the response ([#620](https://github.com/opensearch-project/opensearch-java/pull/620))
+- Fixed CVE-2976 + added CVE checker ([#624](https://github.com/opensearch-project/opensearch-java/pull/624))
 ### Security
diff --git a/java-client/build.gradle.kts b/java-client/build.gradle.kts
index 506ac20046..9ebb339750 100644
--- a/java-client/build.gradle.kts
+++ b/java-client/build.gradle.kts
@@ -52,8 +52,10 @@ plugins {
 checkstyle
 `maven-publish`
 id("com.github.jk1.dependency-license-report") version "2.5"
+ id("org.owasp.dependencycheck") version "8.4.0"
 }
 apply(plugin = "opensearch.repositories")
+apply(plugin = "org.owasp.dependencycheck")
 configurations {
 all {
@@ -62,7 +64,7 @@ configurations {
 }
 checkstyle {
- toolVersion = "10.0"
+ toolVersion = "10.12.3"
 }
 java {
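Review bot: Registering `org.owasp.dependencycheck` in the `plugins {}` block only makes the `dependencyCheckAnalyze` task available; nothing in this hunk configures it, and by default the plugin reports findings without failing the build. If the scan is meant to gate merges or releases, add a threshold such as `dependencyCheck { failBuildOnCVSS = 7.0f }` (7.0 is an example value) and make sure CI actually invokes the task, since it is not wired into `check` by default. The added `apply(plugin = "org.owasp.dependencycheck")` line is redundant, because a `plugins {}` entry with a version and no `apply false` already applies the plugin. The `plugins` block starts above this hunk and `configurations` continues below it, so such configuration may exist in lines not shown here.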