From 8c887ae05e7cd046da4db4e14c8b93ac7cbee194 Mon Sep 17 00:00:00 2001
From: ctcpip <ctcpip@users.noreply.github.com>
Date: Wed, 3 Dec 2025 16:07:25 -0600
Subject: [PATCH] =?UTF-8?q?=F0=9F=93=9D=20add=20note=20to=20history?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 History.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/History.md b/History.md
index 150c2abec01..f27f4d73643 100644
--- a/History.md
+++ b/History.md
@@ -2,6 +2,7 @@
 ==========
 
   * Revert security fix for [CVE-2024-51999](https://www.cve.org/CVERecord?id=CVE-2024-51999) ([GHSA-pj86-cfqh-vqx6](https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6))
+    * The prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.
 
 4.22.0 / 2025-12-01
 ==========