From 2e91a359f5c45a82b90446f12e79354f72611d6b Mon Sep 17 00:00:00 2001
From: Lauri Ojansivu <x@xet7.org>
Date: Fri, 10 Oct 2025 23:02:37 +0300
Subject: [PATCH] Updated ChangeLog.

---
 CHANGELOG.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index b9e3ad1e7..4a67feb4c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -29,6 +29,8 @@ This release adds the following CRITICAL SECURITY FIXES:
   Thanks to Anynymous Security Researcher and xet7.
 - [Security Fix FG-VD-22-078: Prevent SVG Billion Laughs Attack](https://github.com/wekan/wekan/commit/30c1597b658b0ef50fd2efc56786e8b0f08ac72c).
   Thanks to Nguyen Thanh Nguyen of Fortinet's FortiGuard Labs and xet7.
+- [Security Fix JVN#14269684: Broken access control](https://github.com/wekan/wekan/commit/9720e703fd9432bf0e1bfea2358f8c7ea078f1b1).
+  Thanks to Ryoya Koyama of Mitsui Bussan Secure Directions, Inc and xet7.
 
 and adds the following new features: