diff --git a/content/operations/releases/release-2025-03.md b/content/operations/releases/release-2025-03.md
index f0378ff97..3e8a64f52 100644
--- a/content/operations/releases/release-2025-03.md
+++ b/content/operations/releases/release-2025-03.md
@@ -489,7 +489,11 @@ This release we have patched the following vulnerabilities in the Livingdocs Ser
 
 - [CVE-2025-22150](https://github.com/advisories/GHSA-c76h-2ccp-4975) patched in `undici` v6.21.1
 - [CVE-2025-27152](https://github.com/advisories/GHSA-jr5f-v2jv-69x6) patched in `axios` v1.8.2
-- [CVE-2025-27789] https://github.com/advisories/GHSA-968p-4wvh-cqc8 patched `@babel/runtime` & `@babel/helpers` v7.26.10
+- [CVE-2025-27789](https://github.com/advisories/GHSA-968p-4wvh-cqc8) patched `@babel/runtime` & `@babel/helpers` v7.26.10
+- [GHSA-xffm-g5w8-qvg7](https://github.com/advisories/GHSA-xffm-g5w8-qvg7) patched in `@eslint/plugin-kit` v0.3.5
+- [CVE-2025-7783](https://github.com/advisories/GHSA-fjxv-7rqg-78g4) patched in `form-data` v2.5.5
+- [CVE-2025-7339](https://github.com/advisories/GHSA-76c9-3jph-rj3q) patched in `on-headers` v1.1.0
+- [CVE-2025-54798](https://github.com/advisories/GHSA-52f5-9888-hmc6) patched by no longer depending on `tmp`
 
 No known vulnerabilities. :tada:
 
@@ -499,12 +503,16 @@ This release we have patched the following vulnerabilities in the Livingdocs Edi
 
 - [CVE-2025-22150](https://github.com/advisories/GHSA-c76h-2ccp-4975) patched in `undici` v6.21.1
 - [CVE-2025-27152](https://github.com/advisories/GHSA-jr5f-v2jv-69x6) patched in `axios` v1.8.2
-- [CVE-2025-27789] https://github.com/advisories/GHSA-968p-4wvh-cqc8 patched `@babel/runtime` & `@babel/helpers` v7.26.10
+- [CVE-2025-27789](https://github.com/advisories/GHSA-968p-4wvh-cqc8) patched `@babel/runtime` & `@babel/helpers` v7.26.10
+- [GHSA-xffm-g5w8-qvg7](https://github.com/advisories/GHSA-xffm-g5w8-qvg7) patched in `@eslint/plugin-kit` v2.5.5
+- [CVE-2025-7783](https://github.com/advisories/GHSA-fjxv-7rqg-78g4) patched in `form-data` v2.5.5
+- [CVE-2025-9288](https://github.com/advisories/GHSA-95m3-7q98-8xr5) patched in `sha.js` v2.4.12
+- [CVE-2025-2336](https://github.com/advisories/GHSA-4p4w-6hg8-63wx) patched by replacing `angular-sanitize` with `sanitize-html`
 
 We are aware of the following vulnerabilities in the Livingdocs Editor:
 
 - [CVE-2023-44270](https://github.com/advisories/GHSA-7fh5-64p2-3v2j) vulnerability in `postcss`, it affects linters using PostCSS to parse external Cascading Style Sheets (CSS). It is not exploitable in the editor as we don't load untrusted external CSS at build time.
-- [CVE-2023-26116](https://cwe.mitre.org/data/definitions/1333.html), [CVE-2023-26118](https://cwe.mitre.org/data/definitions/1333.html), [CVE-2023-26117](https://cwe.mitre.org/data/definitions/1333.html), [CVE-2022-25869](https://cwe.mitre.org/data/definitions/79.html), [CVE-2022-25844](https://cwe.mitre.org/data/definitions/770.html) are all AngularJS vulnerabilities that don't have a patch available. We are working on removing all AngularJS from our code and vulnerabilities will go away when we complete the transition to Vue.js.
+- [CVE-2022-25844](https://github.com/advisories/GHSA-m2h2-264f-f486), [CVE-2022-25869](https://github.com/advisories/GHSA-prc3-vjfx-vhm9), [CVE-2023-26116](https://github.com/advisories/GHSA-2vrf-hf26-jrp5), [CVE-2023-26117](https://github.com/advisories/GHSA-2qqx-w9hr-q5gx), [CVE-2023-26118](https://github.com/advisories/GHSA-qwqh-hm9m-p5hr), [CVE-2024-8372](https://github.com/advisories/GHSA-m9gf-397r-hwpg), [CVE-2024-8373](https://github.com/advisories/GHSA-mqm9-c95h-x2p6), [CVE-2024-21490](https://github.com/advisories/GHSA-4w4v-5hc9-xrr2), [CVE-2025-0716](https://github.com/advisories/GHSA-j58c-ww9w-pwp5) are all AngularJS vulnerabilities that don't have a patch available. We are working on removing all AngularJS from our code and vulnerabilities will go away when we complete the transition to Vue.js.
 - [CVE-2024-6783](https://github.com/advisories/GHSA-g3ch-rx76-35fx) vulnerability in `vue-template-compiler` it allows malicious users to perform XSS via prototype pollution. Editor build is always done in a trusted environment and the vulnerability is not exploitable.
 - [CVE-2024-9506](https://github.com/advisories/GHSA-5j4c-8p2g-v4jx) vulnerability in `vue`, an ReDoS vulnerability exploitable through inefficient regex evaluation in parseHTML function. The issue can cause excessive CPU usage but is not exploitable in the editor as we don't load untrusted HTML at runtime.
 
@@ -567,6 +575,7 @@ Here is a list of all patches after the release has been announced.
 - [v271.0.2](https://github.com/livingdocsIO/livingdocs-server/releases/tag/v271.0.2): fix(api-version): Keep supporting beta routes
 
 ### Livingdocs Editor Patches
+- [v115.22.80](https://github.com/livingdocsIO/livingdocs-editor/releases/tag/v115.22.80): fix: Remove angular-sanitize
 - [v115.22.79](https://github.com/livingdocsIO/livingdocs-editor/releases/tag/v115.22.79): fix: Patch vulnerable dependencies
 - [v115.22.78](https://github.com/livingdocsIO/livingdocs-editor/releases/tag/v115.22.78): fix(drone): Prepend strip_prefix with '/'
 - [v115.22.77](https://github.com/livingdocsIO/livingdocs-editor/releases/tag/v115.22.77): fix(v-tooltip): Render strings of v-tooltip as text, not html
diff --git a/content/operations/releases/release-2025-05.md b/content/operations/releases/release-2025-05.md
index 4e36d2c1c..803bd1de1 100644
--- a/content/operations/releases/release-2025-05.md
+++ b/content/operations/releases/release-2025-05.md
@@ -419,7 +419,11 @@ We are constantly patching module vulnerabilities for the Livingdocs Server and
 This release we have patched the following vulnerabilities in the Livingdocs Server:
 
 - [CVE-2025-32442](https://github.com/fastify/fastify/security/advisories/GHSA-mg2h-6x62-wpwc) patched in `fastify` v5.3.2
-- [CVE-2025-27789] https://github.com/advisories/GHSA-968p-4wvh-cqc8 patched `@babel/runtime` & `@babel/helpers` v7.26.10
+- [CVE-2025-27789](https://github.com/advisories/GHSA-968p-4wvh-cqc8) patched `@babel/runtime` & `@babel/helpers` v7.26.10
+- [GHSA-xffm-g5w8-qvg7](https://github.com/advisories/GHSA-xffm-g5w8-qvg7) patched in `@eslint/plugin-kit` v0.3.5
+- [CVE-2025-7783](https://github.com/advisories/GHSA-fjxv-7rqg-78g4) patched in `form-data` v2.5.5
+- [CVE-2025-7339](https://github.com/advisories/GHSA-76c9-3jph-rj3q) patched in `on-headers` v1.1.0
+- [CVE-2025-54798](https://github.com/advisories/GHSA-52f5-9888-hmc6) patched by no longer depending on `tmp`
 
 No known vulnerabilities. :tada:
 
@@ -429,17 +433,24 @@ This release we have patched the following vulnerabilities in the Livingdocs Edi
 
 - [CVE-2025-32442](https://github.com/fastify/fastify/security/advisories/GHSA-mg2h-6x62-wpwc) patched in `fastify` v5.3.2
 - [CVE-2025-27789](https://github.com/advisories/GHSA-968p-4wvh-cqc8) patched `@babel/runtime` & `@babel/helpers` v7.26.10
+- [GHSA-xffm-g5w8-qvg7](https://github.com/advisories/GHSA-xffm-g5w8-qvg7) patched in `@eslint/plugin-kit` v2.5.5
+- [CVE-2025-7783](https://github.com/advisories/GHSA-fjxv-7rqg-78g4) patched in `form-data` v2.5.5
+- [CVE-2025-9288](https://github.com/advisories/GHSA-95m3-7q98-8xr5) patched in `sha.js` v2.4.12
+- [CVE-2025-2336](https://github.com/advisories/GHSA-4p4w-6hg8-63wx) patched by replacing `angular-sanitize` with `sanitize-html`
 
 We are aware of the following vulnerabilities in the Livingdocs Editor:
 
 - [CVE-2023-44270](https://github.com/advisories/GHSA-7fh5-64p2-3v2j) vulnerability in `postcss`, it affects linters using PostCSS to parse external Cascading Style Sheets (CSS). It is not exploitable in the editor as we don't load untrusted external CSS at build time.
-- [CVE-2023-26116](https://cwe.mitre.org/data/definitions/1333.html), [CVE-2023-26118](https://cwe.mitre.org/data/definitions/1333.html), [CVE-2023-26117](https://cwe.mitre.org/data/definitions/1333.html), [CVE-2022-25869](https://cwe.mitre.org/data/definitions/79.html), [CVE-2022-25844](https://cwe.mitre.org/data/definitions/770.html) are all AngularJS vulnerabilities that don't have a patch available. We are working on removing all AngularJS from our code and vulnerabilities will go away when we complete the transition to Vue.js.
+- [CVE-2022-25844](https://github.com/advisories/GHSA-m2h2-264f-f486), [CVE-2022-25869](https://github.com/advisories/GHSA-prc3-vjfx-vhm9), [CVE-2023-26116](https://github.com/advisories/GHSA-2vrf-hf26-jrp5), [CVE-2023-26117](https://github.com/advisories/GHSA-2qqx-w9hr-q5gx), [CVE-2023-26118](https://github.com/advisories/GHSA-qwqh-hm9m-p5hr), [CVE-2024-8372](https://github.com/advisories/GHSA-m9gf-397r-hwpg), [CVE-2024-8373](https://github.com/advisories/GHSA-mqm9-c95h-x2p6), [CVE-2024-21490](https://github.com/advisories/GHSA-4w4v-5hc9-xrr2), [CVE-2025-0716](https://github.com/advisories/GHSA-j58c-ww9w-pwp5) are all AngularJS vulnerabilities that don't have a patch available. We are working on removing all AngularJS from our code and vulnerabilities will go away when we complete the transition to Vue.js.
+- [CVE-2024-6783](https://github.com/advisories/GHSA-g3ch-rx76-35fx) vulnerability in `vue-template-compiler` it allows malicious users to perform XSS via prototype pollution. Editor build is always done in a trusted environment and the vulnerability is not exploitable.
+- [CVE-2024-9506](https://github.com/advisories/GHSA-5j4c-8p2g-v4jx) vulnerability in `vue`, an ReDoS vulnerability exploitable through inefficient regex evaluation in parseHTML function. The issue can cause excessive CPU usage but is not exploitable in the editor as we don't load untrusted HTML at runtime.
 
 ## Patches
 
 Here is a list of all patches after the release has been announced.
 
 ### Livingdocs Server Patches
+- [v276.3.27](https://github.com/livingdocsIO/livingdocs-server/releases/tag/v276.3.27): fix: Support setting migration sequence to 0 with documentApi.create
 - [v276.3.26](https://github.com/livingdocsIO/livingdocs-server/releases/tag/v276.3.26): fix: Patch vulnerable dependencies
 - [v276.3.25](https://github.com/livingdocsIO/livingdocs-server/releases/tag/v276.3.25): fix(retresco): Request more rows on entities endpoint
 - [v276.3.24](https://github.com/livingdocsIO/livingdocs-server/releases/tag/v276.3.24): fix(peiq): Replace '<?ZE?>' with '\n' instead of ' ' if newlines are enabled on metadata property
@@ -470,6 +481,8 @@ Here is a list of all patches after the release has been announced.
 - [v276.3.1](https://github.com/livingdocsIO/livingdocs-server/releases/tag/v276.3.1): fix(peiq-agency): Improve handling of empty property image_ids
 
 ### Livingdocs Editor Patches
+- [v117.6.44](https://github.com/livingdocsIO/livingdocs-editor/releases/tag/v117.6.44): fix: Remove angular-sanitize
+- [v117.6.43](https://github.com/livingdocsIO/livingdocs-editor/releases/tag/v117.6.43): fix(comments): Improve comment to component alignment on load
 - [v117.6.42](https://github.com/livingdocsIO/livingdocs-editor/releases/tag/v117.6.42): fix: Patch vulnerable dependencies
 - [v117.6.41](https://github.com/livingdocsIO/livingdocs-editor/releases/tag/v117.6.41): fix(drone): Prepend strip_prefix with '/'
 - [v117.6.40](https://github.com/livingdocsIO/livingdocs-editor/releases/tag/v117.6.40): fix(v-tooltip): Render strings of v-tooltip as text, not html
diff --git a/content/operations/releases/release-2025-07.md b/content/operations/releases/release-2025-07.md
index 4bc4a430c..3af38d996 100644
--- a/content/operations/releases/release-2025-07.md
+++ b/content/operations/releases/release-2025-07.md
@@ -590,8 +590,12 @@ We are constantly patching module vulnerabilities for the Livingdocs Server and
 
 This release we have patched the following vulnerabilities in the Livingdocs Server:
 
-- [CVE-2025-47279](https://github.com/advisories/GHSA-cxrh-j4jr-qwg3) Patch vulnerability `undici` to v6.21.3
-- [CVE-2025-5889](https://github.com/advisories/GHSA-v6h2-p8h4-qcjw) Patch vulnerability `brace-expansion` to v1.1.12
+- [CVE-2025-47279](https://github.com/advisories/GHSA-cxrh-j4jr-qwg3) patched in `undici` v6.21.3
+- [CVE-2025-5889](https://github.com/advisories/GHSA-v6h2-p8h4-qcjw) patched in `brace-expansion` v1.1.12
+- [GHSA-xffm-g5w8-qvg7](https://github.com/advisories/GHSA-xffm-g5w8-qvg7) patched in `@eslint/plugin-kit` v0.3.5
+- [CVE-2025-7783](https://github.com/advisories/GHSA-fjxv-7rqg-78g4) patched in `form-data` v2.5.5
+- [CVE-2025-7339](https://github.com/advisories/GHSA-76c9-3jph-rj3q) patched in `on-headers` v1.1.0
+- [CVE-2025-54798](https://github.com/advisories/GHSA-52f5-9888-hmc6) patched by no longer depending on `tmp`
 
 No known vulnerabilities. :tada:
 
@@ -599,16 +603,20 @@ No known vulnerabilities. :tada:
 
 This release we have patched the following vulnerabilities in the Livingdocs Editor:
 
-- [CVE-2025-47279](https://github.com/advisories/GHSA-cxrh-j4jr-qwg3) Patch vulnerability `undici` to v6.21.3
-- [CVE-2025-5889](https://github.com/advisories/GHSA-v6h2-p8h4-qcjw) Patch vulnerability `brace-expansion` to v1.1.12
-- [CVE-2025-6547](https://github.com/advisories/GHSA-v62p-rq8g-8h59) Patch vulnerability `pbkdf2` to v3.1.3
-- [CVE-2025-48387](https://github.com/advisories/GHSA-8cj5-5rvv-wf4v) Patch vulnerability `tar-fs` to v3.1.0
-- [CVE-2025-27789](https://github.com/advisories/GHSA-968p-4wvh-cqc8) Patch vulnerability `@babel/helpers` and `@babel/runtime` to v7.27.6
+- [CVE-2025-47279](https://github.com/advisories/GHSA-cxrh-j4jr-qwg3) patched in `undici` v6.21.3
+- [CVE-2025-5889](https://github.com/advisories/GHSA-v6h2-p8h4-qcjw) patched in `brace-expansion` v1.1.12
+- [CVE-2025-6547](https://github.com/advisories/GHSA-v62p-rq8g-8h59) patched in `pbkdf2` v3.1.3
+- [CVE-2025-48387](https://github.com/advisories/GHSA-8cj5-5rvv-wf4v) patched in `tar-fs` v3.1.0
+- [CVE-2025-27789](https://github.com/advisories/GHSA-968p-4wvh-cqc8) patched in `@babel/helpers` and `@babel/runtime` v7.27.6
+- [GHSA-xffm-g5w8-qvg7](https://github.com/advisories/GHSA-xffm-g5w8-qvg7) patched in `@eslint/plugin-kit` v2.5.5
+- [CVE-2025-7783](https://github.com/advisories/GHSA-fjxv-7rqg-78g4) patched in `form-data` v2.5.5
+- [CVE-2025-9288](https://github.com/advisories/GHSA-95m3-7q98-8xr5) patched in `sha.js` v2.4.12
+- [CVE-2025-2336](https://github.com/advisories/GHSA-4p4w-6hg8-63wx) patched by replacing `angular-sanitize` with `sanitize-html`
 
 We are aware of the following vulnerabilities in the Livingdocs Editor:
 
 - [CVE-2023-44270](https://github.com/advisories/GHSA-7fh5-64p2-3v2j) vulnerability in `postcss`, it affects linters using PostCSS to parse external Cascading Style Sheets (CSS). It is not exploitable in the editor as we don't load untrusted external CSS at build time.
-- [CVE-2023-26116](https://cwe.mitre.org/data/definitions/1333.html), [CVE-2023-26118](https://cwe.mitre.org/data/definitions/1333.html), [CVE-2023-26117](https://cwe.mitre.org/data/definitions/1333.html), [CVE-2022-25869](https://cwe.mitre.org/data/definitions/79.html), [CVE-2022-25844](https://cwe.mitre.org/data/definitions/770.html) are all AngularJS vulnerabilities that don't have a patch available. We are working on removing all AngularJS from our code and vulnerabilities will go away when we complete the transition to Vue.js.
+- [CVE-2022-25844](https://github.com/advisories/GHSA-m2h2-264f-f486), [CVE-2022-25869](https://github.com/advisories/GHSA-prc3-vjfx-vhm9), [CVE-2023-26116](https://github.com/advisories/GHSA-2vrf-hf26-jrp5), [CVE-2023-26117](https://github.com/advisories/GHSA-2qqx-w9hr-q5gx), [CVE-2023-26118](https://github.com/advisories/GHSA-qwqh-hm9m-p5hr), [CVE-2024-8372](https://github.com/advisories/GHSA-m9gf-397r-hwpg), [CVE-2024-8373](https://github.com/advisories/GHSA-mqm9-c95h-x2p6), [CVE-2024-21490](https://github.com/advisories/GHSA-4w4v-5hc9-xrr2), [CVE-2025-0716](https://github.com/advisories/GHSA-j58c-ww9w-pwp5) are all AngularJS vulnerabilities that don't have a patch available. We are working on removing all AngularJS from our code and vulnerabilities will go away when we complete the transition to Vue.js.
 - [CVE-2024-6783](https://github.com/advisories/GHSA-g3ch-rx76-35fx) vulnerability in `vue-template-compiler` it allows malicious users to perform XSS via prototype pollution. Editor build is always done in a trusted environment and the vulnerability is not exploitable.
 - [CVE-2024-9506](https://github.com/advisories/GHSA-5j4c-8p2g-v4jx) vulnerability in `vue`, an ReDoS vulnerability exploitable through inefficient regex evaluation in parseHTML function. The issue can cause excessive CPU usage but is not exploitable in the editor as we don't load untrusted HTML at runtime.
 
@@ -617,6 +625,9 @@ We are aware of the following vulnerabilities in the Livingdocs Editor:
 Here is a list of all patches after the release has been announced.
 
 ### Livingdocs Server Patches
+- [v280.1.23](https://github.com/livingdocsIO/livingdocs-server/releases/tag/v280.1.23): fix: Support setting migration sequence to 0 with documentApi.create
+- [v280.1.22](https://github.com/livingdocsIO/livingdocs-server/releases/tag/v280.1.22): fix(rubrics): allow `li-rubric-assignment` in creation flows
+- [v280.1.21](https://github.com/livingdocsIO/livingdocs-server/releases/tag/v280.1.21): fix(google-vision): Enrich images on upload
 - [v280.1.20](https://github.com/livingdocsIO/livingdocs-server/releases/tag/v280.1.20): fix: Patch vulnerable dependencies
 - [v280.1.19](https://github.com/livingdocsIO/livingdocs-server/releases/tag/v280.1.19): fix(retresco): Request more rows on entities endpoint
 - [v280.1.18](https://github.com/livingdocsIO/livingdocs-server/releases/tag/v280.1.18): fix(peiq): Replace '<?ZE?>' with '\n' instead of ' ' if newlines are enabled on metadata property
@@ -641,6 +652,8 @@ Here is a list of all patches after the release has been announced.
 - [v280.1.1](https://github.com/livingdocsIO/livingdocs-server/releases/tag/v280.1.1): fix(news-agency): Prevent registering news agency report content type multiple times
 
 ### Livingdocs Editor Patches
+- [v119.3.23](https://github.com/livingdocsIO/livingdocs-editor/releases/tag/v119.3.23): fix: Remove angular-sanitize
+- [v119.3.22](https://github.com/livingdocsIO/livingdocs-editor/releases/tag/v119.3.22): fix(comments): Improve comment to component alignment on load
 - [v119.3.21](https://github.com/livingdocsIO/livingdocs-editor/releases/tag/v119.3.21): fix: Patch vulnerable dependencies
 - [v119.3.20](https://github.com/livingdocsIO/livingdocs-editor/releases/tag/v119.3.20): fix(drone): Prepend strip_prefix with '/'
 - [v119.3.19](https://github.com/livingdocsIO/livingdocs-editor/releases/tag/v119.3.19): chore: Make pdf responsive by omitting width and height style attributes
diff --git a/content/operations/releases/release-2025-09.md b/content/operations/releases/release-2025-09.md
index 8d2322775..c39254d38 100644
--- a/content/operations/releases/release-2025-09.md
+++ b/content/operations/releases/release-2025-09.md
@@ -335,7 +335,11 @@ We are constantly patching module vulnerabilities for the Livingdocs Server and
 
 This release we have patched the following vulnerabilities in the Livingdocs Server:
 
-- TBD
+- [GHSA-xffm-g5w8-qvg7](https://github.com/advisories/GHSA-xffm-g5w8-qvg7) patched in `@eslint/plugin-kit` v0.3.5
+- [CVE-2025-7783](https://github.com/advisories/GHSA-fjxv-7rqg-78g4) patched in `form-data` v2.5.5
+- [CVE-2025-7339](https://github.com/advisories/GHSA-76c9-3jph-rj3q) patched in `on-headers` v1.1.0
+- [CVE-2025-54798](https://github.com/advisories/GHSA-52f5-9888-hmc6) patched by no longer depending on `tmp`
+- [CVE-2025-2336](https://github.com/advisories/GHSA-4p4w-6hg8-63wx) patched by replacing `angular-sanitize` with `sanitize-html`
 
 No known vulnerabilities. :tada:
 
@@ -343,22 +347,32 @@ No known vulnerabilities. :tada:
 
 This release we have patched the following vulnerabilities in the Livingdocs Editor:
 
-- TBD
+- [GHSA-xffm-g5w8-qvg7](https://github.com/advisories/GHSA-xffm-g5w8-qvg7) patched in `@eslint/plugin-kit` v2.5.5
+- [CVE-2025-7783](https://github.com/advisories/GHSA-fjxv-7rqg-78g4) patched in `form-data` v2.5.5
+- [CVE-2025-9288](https://github.com/advisories/GHSA-95m3-7q98-8xr5) patched in `sha.js` v2.4.12
 
 We are aware of the following vulnerabilities in the Livingdocs Editor:
 
 - [CVE-2023-44270](https://github.com/advisories/GHSA-7fh5-64p2-3v2j) vulnerability in `postcss`, it affects linters using PostCSS to parse external Cascading Style Sheets (CSS). It is not exploitable in the editor as we don't load untrusted external CSS at build time.
-- [CVE-2023-26116](https://cwe.mitre.org/data/definitions/1333.html), [CVE-2023-26118](https://cwe.mitre.org/data/definitions/1333.html), [CVE-2023-26117](https://cwe.mitre.org/data/definitions/1333.html), [CVE-2022-25869](https://cwe.mitre.org/data/definitions/79.html), [CVE-2022-25844](https://cwe.mitre.org/data/definitions/770.html) are all AngularJS vulnerabilities that don't have a patch available. We are working on removing all AngularJS from our code and vulnerabilities will go away when we complete the transition to Vue.js.
+- [CVE-2022-25844](https://github.com/advisories/GHSA-m2h2-264f-f486), [CVE-2022-25869](https://github.com/advisories/GHSA-prc3-vjfx-vhm9), [CVE-2023-26116](https://github.com/advisories/GHSA-2vrf-hf26-jrp5), [CVE-2023-26117](https://github.com/advisories/GHSA-2qqx-w9hr-q5gx), [CVE-2023-26118](https://github.com/advisories/GHSA-qwqh-hm9m-p5hr), [CVE-2024-8372](https://github.com/advisories/GHSA-m9gf-397r-hwpg), [CVE-2024-8373](https://github.com/advisories/GHSA-mqm9-c95h-x2p6), [CVE-2024-21490](https://github.com/advisories/GHSA-4w4v-5hc9-xrr2), [CVE-2025-0716](https://github.com/advisories/GHSA-j58c-ww9w-pwp5) are all AngularJS vulnerabilities that don't have a patch available. We are working on removing all AngularJS from our code and vulnerabilities will go away when we complete the transition to Vue.js.
+- [CVE-2024-6783](https://github.com/advisories/GHSA-g3ch-rx76-35fx) vulnerability in `vue-template-compiler` it allows malicious users to perform XSS via prototype pollution. Editor build is always done in a trusted environment and the vulnerability is not exploitable.
+- [CVE-2024-9506](https://github.com/advisories/GHSA-5j4c-8p2g-v4jx) vulnerability in `vue`, an ReDoS vulnerability exploitable through inefficient regex evaluation in parseHTML function. The issue can cause excessive CPU usage but is not exploitable in the editor as we don't load untrusted HTML at runtime.
 
 ## Patches
 
 Here is a list of all patches after the release has been announced.
 
 ### Livingdocs Server Patches
+- [v281.3.7](https://github.com/livingdocsIO/livingdocs-server/releases/tag/v281.3.7): fix: Support setting migration sequence to 0 with documentApi.create
+- [v281.3.6](https://github.com/livingdocsIO/livingdocs-server/releases/tag/v281.3.6): fix(google-vision): Enrich images on upload
+- [v281.3.5](https://github.com/livingdocsIO/livingdocs-server/releases/tag/v281.3.5): fix(rubrics): allow `li-rubric-assignment` in creation flows
+- [v281.3.4](https://github.com/livingdocsIO/livingdocs-server/releases/tag/v281.3.4): fix(revisions): Exclude scheduled publication events
 - [v281.3.3](https://github.com/livingdocsIO/livingdocs-server/releases/tag/v281.3.3): fix(db): Rename 213 migrations
 - [v281.3.2](https://github.com/livingdocsIO/livingdocs-server/releases/tag/v281.3.2): fix(release-2025-09): Update framework to v32.9.4 (release-2025-09 tag)
 
 ### Livingdocs Editor Patches
+- [v119.14.5](https://github.com/livingdocsIO/livingdocs-editor/releases/tag/v119.14.5): fix: Remove angular-sanitize
+- [v119.14.4](https://github.com/livingdocsIO/livingdocs-editor/releases/tag/v119.14.4): fix(comments): Improve comment to component alignment on load
 - [v119.14.3](https://github.com/livingdocsIO/livingdocs-editor/releases/tag/v119.14.3): fix(release-2025-09): Update framework to v32.9.4 (release-2025-09 tag)
 
 ---
diff --git a/content/operations/releases/release-2025-11.md b/content/operations/releases/release-2025-11.md
index 9a5aad186..6c66cc01e 100644
--- a/content/operations/releases/release-2025-11.md
+++ b/content/operations/releases/release-2025-11.md
@@ -65,6 +65,16 @@ These are the release notes of the upcoming release (pull requests merged to the
 - :fire: Integration against the upcoming release (currently `master` branch) is at your own risk
 
 ## PRs to Categorize
+- [chore(deps): update dependency eslint from 9.34.0 to v9.35.0 (main)](https://github.com/livingdocsIO/livingdocs-editor/pull/10271)
+- [fix(deps): update dependency pino from 9.9.2 to v9.9.4 (main)](https://github.com/livingdocsIO/livingdocs-server/pull/8361)
+- [Support setting migration sequence to 0 with documentApi.createV2](https://github.com/livingdocsIO/livingdocs-server/pull/8356)
+- [fix(deps): update dependency dedent from 1.6.0 to v1.7.0 (main)](https://github.com/livingdocsIO/livingdocs-editor/pull/10255)
+- [fix(deps): update dependency posthog-node from 5.8.1 to v5.8.2 (main)](https://github.com/livingdocsIO/livingdocs-server/pull/8354)
+- [fix(deps): update dependency pino from 9.9.1 to v9.9.2 (main)](https://github.com/livingdocsIO/livingdocs-server/pull/8352)
+- [Trigger Google Vision enrichment on image upload](https://github.com/livingdocsIO/livingdocs-server/pull/8341)
+- [Improve comment to component alignment on load](https://github.com/livingdocsIO/livingdocs-editor/pull/10056)
+- [Allow `li-rubric-assignment` in creation flows](https://github.com/livingdocsIO/livingdocs-server/pull/8348)
+- [Exclude scheduled publication events from revisions list](https://github.com/livingdocsIO/livingdocs-server/pull/8336)
 - [fix(deps): update dependency pino from 9.9.0 to v9.9.1 (main)](https://github.com/livingdocsIO/livingdocs-server/pull/8343)
 - [Rename 213-* db migrations](https://github.com/livingdocsIO/livingdocs-server/pull/8339)
 
@@ -155,7 +165,9 @@ This release we have patched the following vulnerabilities in the Livingdocs Edi
 We are aware of the following vulnerabilities in the Livingdocs Editor:
 
 - [CVE-2023-44270](https://github.com/advisories/GHSA-7fh5-64p2-3v2j) vulnerability in `postcss`, it affects linters using PostCSS to parse external Cascading Style Sheets (CSS). It is not exploitable in the editor as we don't load untrusted external CSS at build time.
-- [CVE-2023-26116](https://cwe.mitre.org/data/definitions/1333.html), [CVE-2023-26118](https://cwe.mitre.org/data/definitions/1333.html), [CVE-2023-26117](https://cwe.mitre.org/data/definitions/1333.html), [CVE-2022-25869](https://cwe.mitre.org/data/definitions/79.html), [CVE-2022-25844](https://cwe.mitre.org/data/definitions/770.html) are all AngularJS vulnerabilities that don't have a patch available. We are working on removing all AngularJS from our code and vulnerabilities will go away when we complete the transition to Vue.js.
+- [CVE-2022-25844](https://github.com/advisories/GHSA-m2h2-264f-f486), [CVE-2022-25869](https://github.com/advisories/GHSA-prc3-vjfx-vhm9), [CVE-2023-26116](https://github.com/advisories/GHSA-2vrf-hf26-jrp5), [CVE-2023-26117](https://github.com/advisories/GHSA-2qqx-w9hr-q5gx), [CVE-2023-26118](https://github.com/advisories/GHSA-qwqh-hm9m-p5hr), [CVE-2024-8372](https://github.com/advisories/GHSA-m9gf-397r-hwpg), [CVE-2024-8373](https://github.com/advisories/GHSA-mqm9-c95h-x2p6), [CVE-2024-21490](https://github.com/advisories/GHSA-4w4v-5hc9-xrr2), [CVE-2025-0716](https://github.com/advisories/GHSA-j58c-ww9w-pwp5) are all AngularJS vulnerabilities that don't have a patch available. We are working on removing all AngularJS from our code and vulnerabilities will go away when we complete the transition to Vue.js.
+- [CVE-2024-6783](https://github.com/advisories/GHSA-g3ch-rx76-35fx) vulnerability in `vue-template-compiler` it allows malicious users to perform XSS via prototype pollution. Editor build is always done in a trusted environment and the vulnerability is not exploitable.
+- [CVE-2024-9506](https://github.com/advisories/GHSA-5j4c-8p2g-v4jx) vulnerability in `vue`, an ReDoS vulnerability exploitable through inefficient regex evaluation in parseHTML function. The issue can cause excessive CPU usage but is not exploitable in the editor as we don't load untrusted HTML at runtime.
 
 ## Patches
 
diff --git a/data/releases.json b/data/releases.json
index e32cb3b3e..b1b5f656f 100644
--- a/data/releases.json
+++ b/data/releases.json
@@ -8,8 +8,8 @@
     "maintained": false,
     "legacy": false,
     "sortId": 52,
-    "editorVersion": "v119.15.0",
-    "serverVersion": "v281.4.2"
+    "editorVersion": "v119.15.3",
+    "serverVersion": "v281.4.9"
   },
   "release-2025-09": {
     "key": "release-2025-09",
@@ -20,8 +20,8 @@
     "maintained": false,
     "legacy": false,
     "sortId": 51,
-    "editorVersion": "v119.14.3",
-    "serverVersion": "v281.3.3"
+    "editorVersion": "v119.14.5",
+    "serverVersion": "v281.3.7"
   },
   "release-2025-07": {
     "key": "release-2025-07",
@@ -32,8 +32,8 @@
     "maintained": true,
     "legacy": false,
     "sortId": 50,
-    "editorVersion": "v119.3.21",
-    "serverVersion": "v280.1.20"
+    "editorVersion": "v119.3.23",
+    "serverVersion": "v280.1.23"
   },
   "release-2025-05": {
     "key": "release-2025-05",
@@ -44,8 +44,8 @@
     "maintained": true,
     "legacy": false,
     "sortId": 49,
-    "editorVersion": "v117.6.42",
-    "serverVersion": "v276.3.26"
+    "editorVersion": "v117.6.44",
+    "serverVersion": "v276.3.27"
   },
   "release-2025-03": {
     "key": "release-2025-03",
@@ -56,7 +56,7 @@
     "maintained": true,
     "legacy": false,
     "sortId": 48,
-    "editorVersion": "v115.22.79",
+    "editorVersion": "v115.22.80",
     "serverVersion": "v271.0.51"
   },
   "release-2025-01": {
diff --git a/package-lock.json b/package-lock.json
index 0e16132d1..9d508950e 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -64,18 +64,6 @@
       "resolved": "https://registry.npmjs.org/@zeit/schemas/-/schemas-2.36.0.tgz",
       "integrity": "sha512-7kjMwcChYEzMKjeex9ZFXkt1AyNov9R5HZtjBKVsmVpw7pa7ZtlCGvCBC2vnnXctaYN+aRI61HjIqeetZW5ROg=="
     },
-    "node_modules/accepts": {
-      "version": "1.3.8",
-      "resolved": "https://registry.npmjs.org/accepts/-/accepts-1.3.8.tgz",
-      "integrity": "sha512-PYAthTa2m2VKxuvSD3DPC/Gy+U+sOA1LAuT8mkmRuvw+NACSaeXEQ+NHcVF7rONl6qcaxV3Uuemwawk+7+SJLw==",
-      "dependencies": {
-        "mime-types": "~2.1.34",
-        "negotiator": "0.6.3"
-      },
-      "engines": {
-        "node": ">= 0.6"
-      }
-    },
     "node_modules/ajv": {
       "version": "8.12.0",
       "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.12.0.tgz",
@@ -357,22 +345,32 @@
       }
     },
     "node_modules/compression": {
-      "version": "1.7.4",
-      "resolved": "https://registry.npmjs.org/compression/-/compression-1.7.4.tgz",
-      "integrity": "sha512-jaSIDzP9pZVS4ZfQ+TzvtiWhdpFhE2RDHz8QJkpX9SIpLq88VueF5jJw6t+6CUQcAoA6t+x89MLrWAqpfDE8iQ==",
+      "version": "1.8.1",
+      "resolved": "https://registry.npmjs.org/compression/-/compression-1.8.1.tgz",
+      "integrity": "sha512-9mAqGPHLakhCLeNyxPkK4xVo746zQ/czLH1Ky+vkitMnWfWZps8r0qXuwhwizagCRttsL4lfG4pIOvaWLpAP0w==",
+      "license": "MIT",
       "dependencies": {
-        "accepts": "~1.3.5",
-        "bytes": "3.0.0",
-        "compressible": "~2.0.16",
+        "bytes": "3.1.2",
+        "compressible": "~2.0.18",
         "debug": "2.6.9",
-        "on-headers": "~1.0.2",
-        "safe-buffer": "5.1.2",
+        "negotiator": "~0.6.4",
+        "on-headers": "~1.1.0",
+        "safe-buffer": "5.2.1",
         "vary": "~1.1.2"
       },
       "engines": {
         "node": ">= 0.8.0"
       }
     },
+    "node_modules/compression/node_modules/bytes": {
+      "version": "3.1.2",
+      "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.2.tgz",
+      "integrity": "sha512-/Nf7TyzTx6S3yRJObOAV7956r8cr2+Oj8AC5dt8wSP3BQAoeX58NoHyCU8P8zGkNXStjTSi6fzO6F0pBdcYbEg==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.8"
+      }
+    },
     "node_modules/concat-map": {
       "version": "0.0.1",
       "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz",
@@ -744,17 +742,6 @@
         "node": ">= 0.6"
       }
     },
-    "node_modules/mime-types": {
-      "version": "2.1.35",
-      "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz",
-      "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==",
-      "dependencies": {
-        "mime-db": "1.52.0"
-      },
-      "engines": {
-        "node": ">= 0.6"
-      }
-    },
     "node_modules/mimic-fn": {
       "version": "2.1.0",
       "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz",
@@ -801,9 +788,10 @@
       "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A=="
     },
     "node_modules/negotiator": {
-      "version": "0.6.3",
-      "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.3.tgz",
-      "integrity": "sha512-+EUsqGPLsM+j/zdChZjsnX51g4XrHFOIXwfnCVPGlQk/k5giakcKsuxCObBRu6DSm9opw/O6slWbJdghQM4bBg==",
+      "version": "0.6.4",
+      "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.4.tgz",
+      "integrity": "sha512-myRT3DiWPHqho5PrJaIRyaMv2kgYf0mUVgBNOYMuCH5Ki1yEiQaf/ZJuQ62nvpc44wL5WDbTX7yGJi1Neevw8w==",
+      "license": "MIT",
       "engines": {
         "node": ">= 0.6"
       }
@@ -820,9 +808,10 @@
       }
     },
     "node_modules/on-headers": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.0.2.tgz",
-      "integrity": "sha512-pZAE+FJLoyITytdqK0U5s+FIpjN0JP3OzFi/u8Rx+EV5/W+JTWGXG8xFzevE7AjBfDqHv/8vL8qQsIhHnqRkrA==",
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.1.0.tgz",
+      "integrity": "sha512-737ZY3yNnXy37FHkQxPzt4UZ2UWPWiCZWLvFZ4fu5cueciegX0zGPnrlY6bwRg4FdQOe9YU8MkmJwGhoMybl8A==",
+      "license": "MIT",
       "engines": {
         "node": ">= 0.8"
       }
@@ -965,9 +954,24 @@
       }
     },
     "node_modules/safe-buffer": {
-      "version": "5.1.2",
-      "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
-      "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g=="
+      "version": "5.2.1",
+      "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
+      "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==",
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/feross"
+        },
+        {
+          "type": "patreon",
+          "url": "https://www.patreon.com/feross"
+        },
+        {
+          "type": "consulting",
+          "url": "https://feross.org/support"
+        }
+      ],
+      "license": "MIT"
     },
     "node_modules/select": {
       "version": "1.1.2",
@@ -975,9 +979,9 @@
       "integrity": "sha512-OwpTSOfy6xSs1+pwcNrv0RBMOzI39Lp3qQKUTPVVPRjCdNa5JH/oPRiqsesIskK8TVgmRiHwO4KXlV2Li9dANA=="
     },
     "node_modules/serve": {
-      "version": "14.2.4",
-      "resolved": "https://registry.npmjs.org/serve/-/serve-14.2.4.tgz",
-      "integrity": "sha512-qy1S34PJ/fcY8gjVGszDB3EXiPSk5FKhUa7tQe0UPRddxRidc2V6cNHPNewbE1D7MAkgLuWEt3Vw56vYy73tzQ==",
+      "version": "14.2.5",
+      "resolved": "https://registry.npmjs.org/serve/-/serve-14.2.5.tgz",
+      "integrity": "sha512-Qn/qMkzCcMFVPb60E/hQy+iRLpiU8PamOfOSYoAHmmF+fFFmpPpqa6Oci2iWYpTdOUM3VF+TINud7CfbQnsZbA==",
       "license": "MIT",
       "dependencies": {
         "@zeit/schemas": "2.36.0",
@@ -987,7 +991,7 @@
         "chalk": "5.0.1",
         "chalk-template": "0.4.0",
         "clipboardy": "3.0.0",
-        "compression": "1.7.4",
+        "compression": "1.8.1",
         "is-port-reachable": "4.0.0",
         "serve-handler": "6.1.6",
         "update-check": "1.5.4"