diff --git a/.changeset/pre.json b/.changeset/pre.json
index 0519d39..cdb0073 100644
--- a/.changeset/pre.json
+++ b/.changeset/pre.json
@@ -21,6 +21,7 @@
 "auth-context-globalthis",
 "auth-proto-authorization",
 "auth-v2-features",
+ "bump-otel-0-215",
 "ci-oidc-provenance",
 "code-review-fixes",
 "compile-before-publish",
@@ -40,6 +41,7 @@
 "publickey-priority",
 "security-improvements",
 "security-overrides",
+ "security-protobufjs-basic-ftp-fixes",
 "serializer-opt-in",
 "testing-utilities-package",
 "transport-http1-mode",
diff --git a/packages/auth/CHANGELOG.md b/packages/auth/CHANGELOG.md
index b5b734e..20a3593 100644
--- a/packages/auth/CHANGELOG.md
+++ b/packages/auth/CHANGELOG.md
@@ -1,5 +1,12 @@
 # @connectum/auth
+## 1.0.0-rc.11
+
+### Patch Changes
+
+- Updated dependencies []:
+ - @connectum/core@1.0.0-rc.11
+
 ## 1.0.0-rc.10
 ### Minor Changes
diff --git a/packages/auth/package.json b/packages/auth/package.json
index 06fd6a0..f746104 100644
--- a/packages/auth/package.json
+++ b/packages/auth/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@connectum/auth",
- "version": "1.0.0-rc.10",
+ "version": "1.0.0-rc.11",
 "description": "Authentication and authorization interceptors for Connectum",
 "type": "module",
 "main": "./dist/index.js",
diff --git a/packages/cli/CHANGELOG.md b/packages/cli/CHANGELOG.md
index 1dcb7ac..1d1d471 100644
--- a/packages/cli/CHANGELOG.md
+++ b/packages/cli/CHANGELOG.md
@@ -1,5 +1,7 @@
 # @connectum/cli
+## 1.0.0-rc.11
+
 ## 1.0.0-rc.10
 ## 1.0.0-rc.9
diff --git a/packages/cli/package.json b/packages/cli/package.json
index 6f24547..3024203 100644
--- a/packages/cli/package.json
+++ b/packages/cli/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@connectum/cli",
- "version": "1.0.0-rc.10",
+ "version": "1.0.0-rc.11",
 "description": "CLI tools for Connectum framework: proto sync, service discovery",
 "type": "module",
 "main": "./dist/index.js",
diff --git a/packages/core/CHANGELOG.md b/packages/core/CHANGELOG.md
index dc04f14..b903a92 100644
--- a/packages/core/CHANGELOG.md
+++ b/packages/core/CHANGELOG.md
@@ -1,5 +1,7 @@
 # @connectum/core
+## 1.0.0-rc.11
+
 ## 1.0.0-rc.10
 ## 1.0.0-rc.9
diff --git a/packages/core/package.json b/packages/core/package.json
index c6aaa0c..5e375fa 100644
--- a/packages/core/package.json
+++ b/packages/core/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@connectum/core",
- "version": "1.0.0-rc.10",
+ "version": "1.0.0-rc.11",
 "description": "Main server factory with protocol plugin system for Connectum",
 "type": "module",
 "main": "./dist/index.js",
diff --git a/packages/events-amqp/CHANGELOG.md b/packages/events-amqp/CHANGELOG.md
index ca1b721..ca87cdf 100644
--- a/packages/events-amqp/CHANGELOG.md
+++ b/packages/events-amqp/CHANGELOG.md
@@ -1,5 +1,12 @@
 # @connectum/events-amqp
+## 1.0.0-rc.11
+
+### Patch Changes
+
+- Updated dependencies []:
+ - @connectum/events@1.0.0-rc.11
+
 ## 1.0.0-rc.10
 ### Patch Changes
diff --git a/packages/events-amqp/package.json b/packages/events-amqp/package.json
index 10510d4..8684775 100644
--- a/packages/events-amqp/package.json
+++ b/packages/events-amqp/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@connectum/events-amqp",
- "version": "1.0.0-rc.10",
+ "version": "1.0.0-rc.11",
 "description": "AMQP/RabbitMQ adapter for @connectum/events",
 "type": "module",
 "main": "./dist/index.js",
diff --git a/packages/events-kafka/CHANGELOG.md b/packages/events-kafka/CHANGELOG.md
index 1dcb142..1ad424a 100644
--- a/packages/events-kafka/CHANGELOG.md
+++ b/packages/events-kafka/CHANGELOG.md
@@ -1,5 +1,12 @@
 # @connectum/events-kafka
+## 1.0.0-rc.11
+
+### Patch Changes
+
+- Updated dependencies []:
+ - @connectum/events@1.0.0-rc.11
+
 ## 1.0.0-rc.10
 ### Patch Changes
diff --git a/packages/events-kafka/package.json b/packages/events-kafka/package.json
index e759c0c..8899632 100644
--- a/packages/events-kafka/package.json
+++ b/packages/events-kafka/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@connectum/events-kafka",
- "version": "1.0.0-rc.10",
+ "version": "1.0.0-rc.11",
 "description": "Kafka/Redpanda adapter for @connectum/events",
 "type": "module",
 "main": "./dist/index.js",
diff --git a/packages/events-nats/CHANGELOG.md b/packages/events-nats/CHANGELOG.md
index d918244..436c877 100644
--- a/packages/events-nats/CHANGELOG.md
+++ b/packages/events-nats/CHANGELOG.md
@@ -1,5 +1,12 @@
 # @connectum/events-nats
+## 1.0.0-rc.11
+
+### Patch Changes
+
+- Updated dependencies []:
+ - @connectum/events@1.0.0-rc.11
+
 ## 1.0.0-rc.10
 ### Patch Changes
diff --git a/packages/events-nats/package.json b/packages/events-nats/package.json
index 370871b..af04ea4 100644
--- a/packages/events-nats/package.json
+++ b/packages/events-nats/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@connectum/events-nats",
- "version": "1.0.0-rc.10",
+ "version": "1.0.0-rc.11",
 "description": "NATS JetStream adapter for @connectum/events",
 "type": "module",
 "main": "./dist/index.js",
diff --git a/packages/events-redis/CHANGELOG.md b/packages/events-redis/CHANGELOG.md
index 9bd8c9e..7e273d7 100644
--- a/packages/events-redis/CHANGELOG.md
+++ b/packages/events-redis/CHANGELOG.md
@@ -1,5 +1,12 @@
 # @connectum/events-redis
+## 1.0.0-rc.11
+
+### Patch Changes
+
+- Updated dependencies []:
+ - @connectum/events@1.0.0-rc.11
+
 ## 1.0.0-rc.10
 ### Patch Changes
diff --git a/packages/events-redis/package.json b/packages/events-redis/package.json
index e3ee29c..1ba645c 100644
--- a/packages/events-redis/package.json
+++ b/packages/events-redis/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@connectum/events-redis",
- "version": "1.0.0-rc.10",
+ "version": "1.0.0-rc.11",
 "description": "Redis Streams adapter for @connectum/events",
 "type": "module",
 "main": "./dist/index.js",
diff --git a/packages/events/CHANGELOG.md b/packages/events/CHANGELOG.md
index dbbd5cf..7f83aa7 100644
--- a/packages/events/CHANGELOG.md
+++ b/packages/events/CHANGELOG.md
@@ -1,5 +1,12 @@
 # @connectum/events
+## 1.0.0-rc.11
+
+### Patch Changes
+
+- Updated dependencies []:
+ - @connectum/core@1.0.0-rc.11
+
 ## 1.0.0-rc.10
 ### Minor Changes
diff --git a/packages/events/package.json b/packages/events/package.json
index f9f1e1f..e47b917 100644
--- a/packages/events/package.json
+++ b/packages/events/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@connectum/events",
- "version": "1.0.0-rc.10",
+ "version": "1.0.0-rc.11",
 "description": "Universal event adapter layer for Connectum: proto-first pub/sub with pluggable broker adapters",
 "type": "module",
 "main": "./dist/index.js",
diff --git a/packages/healthcheck/CHANGELOG.md b/packages/healthcheck/CHANGELOG.md
index 1fd01c9..4bc9804 100644
--- a/packages/healthcheck/CHANGELOG.md
+++ b/packages/healthcheck/CHANGELOG.md
@@ -1,5 +1,12 @@
 # @connectum/healthcheck
+## 1.0.0-rc.11
+
+### Patch Changes
+
+- Updated dependencies []:
+ - @connectum/core@1.0.0-rc.11
+
 ## 1.0.0-rc.10
 ### Patch Changes
diff --git a/packages/healthcheck/package.json b/packages/healthcheck/package.json
index 204f474..55a0263 100644
--- a/packages/healthcheck/package.json
+++ b/packages/healthcheck/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@connectum/healthcheck",
- "version": "1.0.0-rc.10",
+ "version": "1.0.0-rc.11",
 "description": "Healthcheck protocol for Connectum: gRPC Health Check + HTTP endpoints",
 "type": "module",
 "main": "./dist/index.js",
diff --git a/packages/interceptors/CHANGELOG.md b/packages/interceptors/CHANGELOG.md
index d20b110..5db84c8 100644
--- a/packages/interceptors/CHANGELOG.md
+++ b/packages/interceptors/CHANGELOG.md
@@ -1,5 +1,12 @@
 # @connectum/interceptors
+## 1.0.0-rc.11
+
+### Patch Changes
+
+- Updated dependencies []:
+ - @connectum/core@1.0.0-rc.11
+
 ## 1.0.0-rc.10
 ### Patch Changes
diff --git a/packages/interceptors/package.json b/packages/interceptors/package.json
index bbfdc4e..b53b785 100644
--- a/packages/interceptors/package.json
+++ b/packages/interceptors/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@connectum/interceptors",
- "version": "1.0.0-rc.10",
+ "version": "1.0.0-rc.11",
 "description": "ConnectRPC interceptors for Connectum",
 "type": "module",
 "main": "./dist/index.js",
diff --git a/packages/otel/CHANGELOG.md b/packages/otel/CHANGELOG.md
index d9d6f25..b88d27a 100644
--- a/packages/otel/CHANGELOG.md
+++ b/packages/otel/CHANGELOG.md
@@ -1,5 +1,41 @@
 # @connectum/otel
+## 1.0.0-rc.11
+
+### Patch Changes
+
+- [#98](https://github.com/Connectum-Framework/connectum/pull/98) [`15f4dbb`](https://github.com/Connectum-Framework/connectum/commit/15f4dbbe919041e1b7337fe30b3243baf55a0129) Thanks [@intech](https://github.com/intech)! - Bump OpenTelemetry SDK to 0.215.0 / v2.7.0 and semantic conventions to 1.40.0.
+
+ Highlights (auto-gain, no API changes in `@connectum/otel`):
+
+ - Hand-rolled `ProtobufLogsSerializer` (PR open-telemetry/opentelemetry-js#6390, v0.215.0) — +67–73% throughput for typical batch sizes (100–1024 logs); +72% at 512 logs, +67% at 1024 logs per upstream benchmarks in PR [#6228](https://github.com/Connectum-Framework/connectum/issues/6228)
+ - `cardinalitySelector` support in `PeriodicExportingMetricReader` (PR [#6460](https://github.com/Connectum-Framework/connectum/issues/6460), v2.7.0) — protection against cardinality explosion on high-variance attributes
+ - SDK self-observability: span + log creation metrics (PRs [#6213](https://github.com/Connectum-Framework/connectum/issues/6213), [#6433](https://github.com/Connectum-Framework/connectum/issues/6433))
+ - Internal `mergeTwoObjects` safety checks (PR [#6587](https://github.com/Connectum-Framework/connectum/issues/6587), v2.7.0) — additional guards against unsafe key merges
+ - Updated semantic conventions (semconv v1.40.0) — stable RPC attributes including `rpc.response.status_code` and `error.type` (stabilized in semconv v1.39.0)
+
+ Breaking changes upstream that do NOT affect `@connectum/otel` (verified):
+
+ - Custom `LogRecordExporter.forceFlush()` requirement — not applicable (we use stock exporters only)
+ - gRPC exporter config `headers` field removal — not applicable (`CollectorOptions` has no `headers`)
+
+- [#99](https://github.com/Connectum-Framework/connectum/pull/99) [`5b3f01d`](https://github.com/Connectum-Framework/connectum/commit/5b3f01d8fdbe50afe1c3b074cf08f40f4f00458f) Thanks [@intech](https://github.com/intech)! - security(deps): force patched versions of protobufjs and basic-ftp via pnpm overrides
+
+ Resolves Dependabot alerts on main branch:
+
+ - **GHSA-xq3m-2v4x-88gg** (Critical) — Arbitrary code execution in protobufjs < 7.5.5
+ (transitive via `@grpc/proto-loader` under OTel gRPC exporters).
+ - **GHSA-xq3m-2v4x-88gg** (Critical) — Arbitrary code execution in protobufjs 8.0.0
+ (transitive via `@opentelemetry/otlp-transformer`).
+ - **GHSA-chqc-8p9q-pq6q** (High) — basic-ftp 5.2.0 FTP Command Injection via CRLF
+ (dev-only transitive via `@exodus/test` → puppeteer-core).
+ - **GHSA-6v7q-wjvx-w8wg** (High) — basic-ftp ≤ 5.2.1 incomplete CRLF protection
+ (dev-only transitive via `@exodus/test` → puppeteer-core).
+
+ No runtime API changes. Only `pnpm.overrides` in the monorepo root were adjusted
+ to force patched transitive versions: `protobufjs@<7.5.5 → 7.5.5`,
+ `protobufjs@>=8.0.0 <8.0.1 → 8.0.1`, `basic-ftp@<5.2.2 → 5.2.2`.
+
 ## 1.0.0-rc.10
 ## 1.0.0-rc.9
diff --git a/packages/otel/package.json b/packages/otel/package.json
index 8c5f781..123912a 100644
--- a/packages/otel/package.json
+++ b/packages/otel/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@connectum/otel",
- "version": "1.0.0-rc.10",
+ "version": "1.0.0-rc.11",
 "description": "OpenTelemetry instrumentation for Connectum",
 "type": "module",
 "main": "./dist/index.js",
diff --git a/packages/reflection/CHANGELOG.md b/packages/reflection/CHANGELOG.md
index ff5ce04..7cd367d 100644
--- a/packages/reflection/CHANGELOG.md
+++ b/packages/reflection/CHANGELOG.md
@@ -1,5 +1,12 @@
 # @connectum/reflection
+## 1.0.0-rc.11
+
+### Patch Changes
+
+- Updated dependencies []:
+ - @connectum/core@1.0.0-rc.11
+
 ## 1.0.0-rc.10
 ### Patch Changes
diff --git a/packages/reflection/package.json b/packages/reflection/package.json
index 211f6f3..82a8947 100644
--- a/packages/reflection/package.json
+++ b/packages/reflection/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@connectum/reflection",
- "version": "1.0.0-rc.10",
+ "version": "1.0.0-rc.11",
 "description": "gRPC Server Reflection protocol for Connectum (v1 + v1alpha)",
 "type": "module",
 "main": "./dist/index.js",
diff --git a/packages/testing/CHANGELOG.md b/packages/testing/CHANGELOG.md
index 8216581..21a38ee 100644
--- a/packages/testing/CHANGELOG.md
+++ b/packages/testing/CHANGELOG.md
@@ -1,5 +1,12 @@
 # @connectum/testing
+## 1.0.0-rc.11
+
+### Patch Changes
+
+- Updated dependencies []:
+ - @connectum/core@1.0.0-rc.11
+
 ## 1.0.0-rc.10
 ### Patch Changes
diff --git a/packages/testing/package.json b/packages/testing/package.json
index 0b8a143..5b9d1a6 100644
--- a/packages/testing/package.json
+++ b/packages/testing/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@connectum/testing",
- "version": "1.0.0-rc.10",
+ "version": "1.0.0-rc.11",
 "description": "Testing utilities for Connectum",
 "private": false,
 "type": "module",