diff --git a/CHANGELOG.md b/CHANGELOG.md
index 767cde7b1f..7bdb02ef93 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -17,7 +17,7 @@
 - DigitalOcean provider support added
 
 ## Important Notes
-N/A
+- (Security) Fix for open redirect vulnerability..  a bad actor using `/\` in redirect URIs can redirect a session to another domain
 
 ## Breaking Changes