diff --git a/CHANGELOG.md b/CHANGELOG.md
index 36c9d6e9..88e66d54 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,10 @@
+## [4.10.19](https://github.com/parse-community/parse-server/compare/4.10.18...4.10.19) (2022-11-09)
+
+
+### Bug Fixes
+
+* Parse Server option `requestKeywordDenylist` can be bypassed via Cloud Code Webhooks or Triggers; fixes security vulnerability [GHSA-xprv-wvh7-qqqx](https://github.com/parse-community/parse-server/security/advisories/GHSA-xprv-wvh7-qqqx) ([#8301](https://github.com/parse-community/parse-server/issues/8301)) ([0a2d412](https://github.com/parse-community/parse-server/commit/0a2d412e265992d53a670011afd9d2578562adc3))
+
 ## [4.10.18](https://github.com/parse-community/parse-server/compare/4.10.17...4.10.18) (2022-11-07)
 
 
diff --git a/package-lock.json b/package-lock.json
index afb12008..6b65cbe3 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,6 +1,6 @@
 {
   "name": "parse-server",
-  "version": "4.10.18",
+  "version": "4.10.19",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
diff --git a/package.json b/package.json
index 7a782a7a..4af113d7 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "parse-server",
-  "version": "4.10.18",
+  "version": "4.10.19",
   "description": "An express module providing a Parse-compatible API server",
   "main": "lib/index.js",
   "repository": {