diff --git a/CHANGELOG.md b/CHANGELOG.md
index ea0f456d..c9976d60 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,13 @@
 # Changelog
 
+## [4.2.2](https://github.com/OctopusDeploy/deploy-release-action/compare/v4.2.1...v4.2.2) (2026-05-28)
+
+
+### Bug Fixes
+
+* **deps-dev:** bump tmp from 0.2.5 to 0.2.6 ([#317](https://github.com/OctopusDeploy/deploy-release-action/issues/317)) ([37e95ac](https://github.com/OctopusDeploy/deploy-release-action/commit/37e95acace2bd69ef30ec88b4a14892e1286344e))
+* patch transitive axios vulnerability via npm audit fix ([#311](https://github.com/OctopusDeploy/deploy-release-action/issues/311)) ([883253b](https://github.com/OctopusDeploy/deploy-release-action/commit/883253b46846e917b5c755a8afffccf19032f233))
+
 ## [4.2.1](https://github.com/OctopusDeploy/deploy-release-action/compare/v4.2.0...v4.2.1) (2026-04-13)
 
 
diff --git a/package-lock.json b/package-lock.json
index 212d11bc..73f69447 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
   "name": "deploy-release-action",
-  "version": "4.2.1",
+  "version": "4.2.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "deploy-release-action",
-      "version": "4.2.1",
+      "version": "4.2.2",
       "license": "Apache-2.0",
       "dependencies": {
         "@actions/core": "3.0.0",
diff --git a/package.json b/package.json
index f86da284..1dfbea24 100644
--- a/package.json
+++ b/package.json
@@ -101,5 +101,5 @@
     "test:unit": "node --experimental-vm-modules node_modules/jest/bin/jest.js --ci --reporters=default --reporters=jest-junit --testPathPattern=__tests__/unit",
     "test:integration": "node --experimental-vm-modules node_modules/jest/bin/jest.js --ci --reporters=default --reporters=jest-junit --testPathPattern=__tests__/integration"
   },
-  "version": "4.2.1"
+  "version": "4.2.2"
 }