From 4dee0a4ba1d5b18b4016c1222831b831a0f90e98 Mon Sep 17 00:00:00 2001
From: Minh141120 <minh.itptit@gmail.com>
Date: Thu, 16 Oct 2025 13:08:09 +0700
Subject: [PATCH] docs: update changelog for Jan v0.7.2

---
 .../2025-10-16-jan-security-update.mdx        | 25 +++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 docs/src/pages/changelog/2025-10-16-jan-security-update.mdx

diff --git a/docs/src/pages/changelog/2025-10-16-jan-security-update.mdx b/docs/src/pages/changelog/2025-10-16-jan-security-update.mdx
new file mode 100644
index 000000000..3437cb66a
--- /dev/null
+++ b/docs/src/pages/changelog/2025-10-16-jan-security-update.mdx
@@ -0,0 +1,25 @@
+---
+title: "Jan v0.7.2: Security Update"
+version: 0.7.2
+description: "Jan v0.7.2 updates the happy-dom dependency to v20.0.0 to address a recently disclosed sandbox vulnerability."
+date: 2025-10-16
+---
+
+import ChangelogHeader from "@/components/Changelog/ChangelogHeader"
+import { Callout } from 'nextra/components'
+
+<ChangelogHeader title="Jan v0.7.2" date="2025-10-16" />
+
+## Jan v0.7.2: Security Update (happy-dom v20)
+
+This release focuses on **security and stability improvements**.  
+It updates the `happy-dom` dependency to the latest version to address a recently disclosed vulnerability.
+
+### Security Fix
+- Updated `happy-dom` to **^20.0.0**, preventing untrusted JavaScript executed within HAPPY DOM from accessing process-level functions and executing arbitrary code outside the intended sandbox.
+
+---
+
+Update your Jan or [download the latest version](https://jan.ai/).
+
+For the complete list of changes, see the [GitHub release notes](https://github.com/janhq/jan/releases/tag/v0.7.2).