diff --git a/CHANGELOG.md b/CHANGELOG.md
index 868949ea..f6f25ffd 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,7 +4,8 @@ Jump directly to a version:
 
 | 4.x                                  |
 |--------------------------------------|
-| [**4.10.0 (latest release)**](#4100) |
+| [**4.10.1 (latest release)**](#4101) |
+| [4.10.0](#4100)                      |
 | [4.5.2](#452)                        |
 | [4.5.1](#451)                        |
 | [4.5.0](#450)                        |
@@ -91,7 +92,7 @@ Jump directly to a version:
 ___
 
 ## Unreleased (Master Branch)
-[Full Changelog](https://github.com/parse-community/parse-server/compare/4.10.0...master)
+[Full Changelog](https://github.com/parse-community/parse-server/compare/4.10.1...master)
 ### Breaking Changes
 - Improved schema caching through database real-time hooks. Reduces DB queries, decreases Parse Query execution time and fixes a potential schema memory leak. If multiple Parse Server instances connect to the same DB (for example behind a load balancer), set the [Parse Server Option](https://parseplatform.org/parse-server/api/master/ParseServerOptions.html) `databaseOptions.enableSchemaHooks: true` to enable this feature and keep the schema in sync across all instances. Failing to do so will cause a schema change to not propagate to other instances and re-syncing will only happen when these instances restart. The options `enableSingleSchemaCache` and `schemaCacheTTL` have been removed. To use this feature with MongoDB, a replica set cluster with [change stream](https://docs.mongodb.com/manual/changeStreams/#availability) support is required. (Diamond Lewis, SebC) [#7214](https://github.com/parse-community/parse-server/issues/7214)
 - Added file upload restriction. File upload is now only allowed for authenticated users by default for improved security. To allow file upload also for Anonymous Users or Public, set the `fileUpload` parameter in the [Parse Server Options](https://parseplatform.org/parse-server/api/master/ParseServerOptions.html) (dblythy, Manuel Trezza) [#7071](https://github.com/parse-community/parse-server/pull/7071)
@@ -144,6 +145,13 @@ ___
 - Add ability to pass context of an object via a header, X-Parse-Cloud-Context, for Cloud Code triggers. The header addition allows client SDK's to add context without injecting _context in the body of JSON objects (Corey Baker) [#7437](https://github.com/parse-community/parse-server/pull/7437)
 - Add CI check to add changelog entry (Manuel Trezza) [#7512](https://github.com/parse-community/parse-server/pull/7512)
 
+### 4.10.1
+[Full Changelog](https://github.com/parse-community/parse-server/compare/4.10.0...4.10.1)
+
+- Updated to Parse JS SDK 3.3.0 and other security fixes (Manuel Trezza) [#7508](https://github.com/parse-community/parse-server/pull/7508)
+
+> ⚠️ This includes a security fix of the Parse JS SDK where `logIn` will default to `POST` instead of `GET` method. This may require changes in your deployment before you upgrade to this release, see the Parse JS SDK 3.0.0 [release notes](https://github.com/parse-community/Parse-SDK-JS/releases/tag/3.0.0).
+
 ## 4.10.0
 [Full Changelog](https://github.com/parse-community/parse-server/compare/4.5.2...4.10.0)
 
diff --git a/package-lock.json b/package-lock.json
index 7b49b406..ef31740c 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,6 +1,6 @@
 {
   "name": "parse-server",
-  "version": "4.10.0",
+  "version": "4.10.1",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
@@ -1273,11 +1273,21 @@
           "resolved": "https://registry.npmjs.org/@graphql-tools/schema/-/schema-8.1.1.tgz",
           "integrity": "sha512-u+0kxPtuP+GcKnGNt459Ob7iIpzesIJeJTmPPailaG7ZhB5hkXIizl4uHrzEIAh2Ja1P/VA8sEBYpu1N0n6Mmg==",
           "requires": {
+            "@graphql-tools/merge": "8.0.1",
             "@graphql-tools/utils": "8.1.1",
             "tslib": "~2.3.0",
             "value-or-promise": "1.0.10"
           },
           "dependencies": {
+            "@graphql-tools/merge": {
+              "version": "8.0.1",
+              "resolved": "https://registry.npmjs.org/@graphql-tools/merge/-/merge-8.0.1.tgz",
+              "integrity": "sha512-YAozogbjC2Oun+UcwG0LZFumhlCiHBmqe68OIf7bqtBdp4pbPAiVuK/J9oJqRVJmzvUqugo6RD9zz1qDTKZaiQ==",
+              "requires": {
+                "@graphql-tools/utils": "8.1.1",
+                "tslib": "~2.3.0"
+              }
+            },
             "@graphql-tools/utils": {
               "version": "8.1.1",
               "resolved": "https://registry.npmjs.org/@graphql-tools/utils/-/utils-8.1.1.tgz",
@@ -9062,9 +9072,9 @@
       "integrity": "sha512-kHmoybcPV8Sqy59DwNDY3Jefr64lK/by/da0ViFcuA4DH0vQg5Q6Ze5VimxkfQNSC+Mls/Kx53s7TjP1RhFEDQ=="
     },
     "mongodb": {
-      "version": "3.6.10",
-      "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.6.10.tgz",
-      "integrity": "sha512-fvIBQBF7KwCJnDZUnFFy4WqEFP8ibdXeFANnylW19+vOwdjOAvqIzPdsNCEMT6VKTHnYu4K64AWRih0mkFms6Q==",
+      "version": "3.6.11",
+      "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.6.11.tgz",
+      "integrity": "sha512-4Y4lTFHDHZZdgMaHmojtNAlqkvddX2QQBEN0K//GzxhGwlI9tZ9R0vhbjr1Decw+TF7qK0ZLjQT292XgHRRQgw==",
       "requires": {
         "bl": "^2.2.1",
         "bson": "^1.1.4",
diff --git a/package.json b/package.json
index 4e305237..c58d75dd 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "parse-server",
-  "version": "4.10.0",
+  "version": "4.10.1",
   "description": "An express module providing a Parse-compatible API server",
   "main": "lib/index.js",
   "repository": {
@@ -45,7 +45,7 @@
     "lodash": "4.17.21",
     "lru-cache": "5.1.1",
     "mime": "2.5.2",
-    "mongodb": "3.6.10",
+    "mongodb": "3.6.11",
     "mustache": "4.2.0",
     "parse": "3.3.0",
     "pg-monitor": "1.4.1",