diff --git a/CHANGELOG.md b/CHANGELOG.md
index c79be6575..85c22b6b2 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,9 +5,13 @@ This project adheres to [Semantic Versioning](http://semver.org/).
 
 ## [Unreleased]
 
+## 2.2.6 - 2024-03-23
+### Security
+* Fix Content-Type allowlist bypass vulnerability remained (@mshibuya [4317871](https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2), [GHSA-vfmv-jfc5-pjjw](https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-vfmv-jfc5-pjjw))
+
 ## 2.2.5 - 2023-11-29
 ### Security
-* Fix Content-Type allowlist bypass vulnerability, possibly leading to XSS (@mshibuya, [39b282d](https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5), [GHSA-gxhx-g4fq-49hj](https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-gxhx-g4fq-49hj))
+* Fix Content-Type allowlist bypass vulnerability, possibly leading to XSS (@mshibuya [39b282d](https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5), [GHSA-gxhx-g4fq-49hj](https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-gxhx-g4fq-49hj))
 
 ## 2.2.4 - 2023-06-10
 ### Fixed
diff --git a/lib/carrierwave/version.rb b/lib/carrierwave/version.rb
index db9173f21..e9a6c4002 100644
--- a/lib/carrierwave/version.rb
+++ b/lib/carrierwave/version.rb
@@ -1,3 +1,3 @@
 module CarrierWave
-  VERSION = "2.2.5"
+  VERSION = "2.2.6"
 end