diff --git a/SUMMARY.md b/SUMMARY.md
index b787eaa..5df46bf 100644
--- a/SUMMARY.md
+++ b/SUMMARY.md
@@ -42,4 +42,4 @@
* [Elastic Fleet](examples/fleet/README.md)
* [Contribution License Agreement](contributing.md)
* [Commercial Licenses](commercial.md)
-* [Changelog](detailed_changelog.md)
+* [Changelog](changelog.md)
diff --git a/detailed_changelog.md b/changelog.md
similarity index 99%
rename from detailed_changelog.md
rename to changelog.md
index bf0f6ed..3a0b7c1 100644
--- a/detailed_changelog.md
+++ b/changelog.md
@@ -1,5 +1,21 @@
+
+
# Changelog
+### (2026-06-12) What's new in **ROR 1.70.1**
+
+🚨Security Fix (ES) CVE-2026-42587
+This release addresses a Netty vulnerability (CVE-2026-42587) where the HttpContentDecompressor's maxAllocation limit was silently ignored for Brotli, Zstd, and Snappy compression encodings, allowing an attacker to trigger unbounded memory allocation and denial of service via a crafted compressed payload. The fix updates the bundled Netty dependency to a patched version that properly enforces the decompression buffer limit for all supported content encodings.
+
+
+🐞Fix (KBN) Fixed tenancy creation after in-place Kibana 8.x→9.x upgrade; stale tenancy indices are repaired automatically (reindex + atomic alias swap)
+When upgrading Kibana in-place from 8.x to 9.x, existing tenancy indices could become stale and block the creation of new tenants. This fix automatically detects and repairs such stale indices by performing a reindex operation followed by an atomic alias swap, ensuring a seamless upgrade path without manual intervention.
+
+
+🐞Fix (ES) Fixed Grok Debugger and Painless Lab in DevTools forbidden error for admin, RW, and RO, RO-strict kibana.access levels
+Users with admin, RW, RO, or RO-strict kibana.access levels were incorrectly receiving forbidden errors when trying to use the Grok Debugger and Painless Lab tools in DevTools. This fix ensures these built-in Kibana debugging tools are properly authorized for all standard access levels.
+
+
### (2026-06-03) What's new in **ROR 1.70.0**
🚨Security Fix (KBN) Fixed kibana.allowed_api_paths to only check Kibana and ReadonlyREST API calls, and to only be usable when api_only user access is configured