website/docs: 2026.2.4 release notes (#22720)

* website/docs: 2026.2.4 release notes

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* spellcheck

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* fixup

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

---------

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

website/docs/releases/2026/v2026.2.md

@@ -3,7 +3,7 @@ title: Release 2026.2
 slug: "/releases/2026.2"
 ---
 
-<!-- spellchecker:ignore πthon -->
+<!-- spellchecker:ignore fqxr xjjx πthon -->
 
 ## Highlights
 
@@ -392,6 +392,16 @@ helm upgrade authentik authentik/authentik -f values.yaml --version ^2026.2
 - web/flows: prevent leader tab deadlock in continuous login flow (cherry-pick #21583 to version-2026.2) (#21627)
 - web/packages: Rework SFE rendering (cherry-pick #21833 to version-2026.2) (#21850)
 
+## Fixed in 2026.2.4
+
+- core: bump goauthentik/fips-python from 3.14.3-slim-trixie-fips to 3.14.5-slim-trixie-fips in /lifecycle/container (cherry-pick #22518 to version-2026.2) (#22528)
+- core: fix filter_not_expired not accepting positional arguments (#22690)
+- endpoints/connectors/agent: allow federated auth via ssh hostkey lookup (cherry-pick #22594 to version-2026.2) (#22596)
+- outposts: fix stale version in OutpostState (cherry-pick #22487 to version-2026.2) (#22504)
+- security: CVE-2026-47201
+- security: GHSA-wr38-7xg8-fqxr
+- security: GHSA-xp7f-xjjx-gwm8
+
 ## API Changes
 
 ### authentik (v2026.2.0)