diff --git a/pyproject.toml b/pyproject.toml
index ae19c3f..dcf5188 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -8,7 +8,7 @@ dependencies = [
     "cryptography>=46.0.7",  # CVE-2026-39892 - transitive dep via mcp->pyjwt[crypto]
     "fastapi>=0.135.3",
     "mcp>=1.27.0",
-    "pydantic>=2.13.2",
+    "pydantic>=2.13.3",
     "pydantic-settings>=2.13.1",
     "python-dotenv>=1.2.2",  # CVE-2026-28684 - transitive dep via pydantic-settings
     "python-multipart>=0.0.26",  # CVE-2026-40347 - transitive dep via fastapi
diff --git a/uv.lock b/uv.lock
index a8107af..71c3efb 100644
--- a/uv.lock
+++ b/uv.lock
@@ -696,7 +696,7 @@ requires-dist = [
     { name = "cryptography", specifier = ">=46.0.7" },
     { name = "fastapi", specifier = ">=0.135.3" },
     { name = "mcp", specifier = ">=1.27.0" },
-    { name = "pydantic", specifier = ">=2.13.2" },
+    { name = "pydantic", specifier = ">=2.13.3" },
     { name = "pydantic-settings", specifier = ">=2.13.1" },
     { name = "python-dotenv", specifier = ">=1.2.2" },
     { name = "python-multipart", specifier = ">=0.0.26" },