From d4ff4ca9d5e0f02c2a938b532ed575e5f74a15bb Mon Sep 17 00:00:00 2001
From: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Date: Thu, 28 May 2026 17:47:37 +0200
Subject: [PATCH] website/docs: 2026.2.4 release notes (#22720)

* website/docs: 2026.2.4 release notes

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* spellcheck

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* fixup

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

---------

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
---
 website/docs/releases/2026/v2026.2.md | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/website/docs/releases/2026/v2026.2.md b/website/docs/releases/2026/v2026.2.md
index fdf3725617..80c9ac1a8e 100644
--- a/website/docs/releases/2026/v2026.2.md
+++ b/website/docs/releases/2026/v2026.2.md
@@ -3,7 +3,7 @@ title: Release 2026.2
 slug: "/releases/2026.2"
 ---
 
-<!-- spellchecker:ignore πthon -->
+<!-- spellchecker:ignore fqxr xjjx πthon -->
 
 ## Highlights
 
@@ -392,6 +392,16 @@ helm upgrade authentik authentik/authentik -f values.yaml --version ^2026.2
 - web/flows: prevent leader tab deadlock in continuous login flow (cherry-pick #21583 to version-2026.2) (#21627)
 - web/packages: Rework SFE rendering (cherry-pick #21833 to version-2026.2) (#21850)
 
+## Fixed in 2026.2.4
+
+- core: bump goauthentik/fips-python from 3.14.3-slim-trixie-fips to 3.14.5-slim-trixie-fips in /lifecycle/container (cherry-pick #22518 to version-2026.2) (#22528)
+- core: fix filter_not_expired not accepting positional arguments (#22690)
+- endpoints/connectors/agent: allow federated auth via ssh hostkey lookup (cherry-pick #22594 to version-2026.2) (#22596)
+- outposts: fix stale version in OutpostState (cherry-pick #22487 to version-2026.2) (#22504)
+- security: CVE-2026-47201
+- security: GHSA-wr38-7xg8-fqxr
+- security: GHSA-xp7f-xjjx-gwm8
+
 ## API Changes
 
 ### authentik (v2026.2.0)