diff --git a/CHANGELOG.md b/CHANGELOG.md
index 70505c9e5719ceba2d40ba2b6c1b197e8eefe603..f66c4ca07a1a300bc6d180954bb6fa82fca3c8f4 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -48,9 +48,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - #14 - Handle files on file system without File entity: Those entries are
   returned without ID but with a notice now.
 
+* #11 - pam_authentication leaks the password to unprivileged processes on the
+  same machine.
+
 ### Security (in case of vulnerabilities)
 
 - TLS is by default restricted to v1.2 and v1.3 now.
+* #11 - pam_authentication leaks the password to unprivileged processes on the
+  same machine.
 
 
 ## [0.1.0] - 2018-10-09