From 49d030463f10a0f21458c84add656c1c1a2ec910 Mon Sep 17 00:00:00 2001
From: sfan5 <sfan5@live.de>
Date: Wed, 15 Apr 2026 23:13:55 +0200
Subject: [PATCH] Update changelog

---
 content/about/changelog.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/content/about/changelog.md b/content/about/changelog.md
index 3f12b4f..d04e8b7 100644
--- a/content/about/changelog.md
+++ b/content/about/changelog.md
@@ -17,7 +17,8 @@ If you want a list of _every_ change made between releases see the [commit log](
 
 Released on 14 April 2026.
 
-⚠️ This release fixes **critical** security vulnerabilities affecting both the client and server. We advise everyone to upgrade **immediately**. ⚠️
+⚠️ **This release fixes critical security vulnerabilities affecting both the client and server. We advise everyone to upgrade immediately**.
+Note that the attack vector for the critical vulnerabilities is installing malicious mods locally. They are not exploitable remotely (by clients joining malicious servers, or by malicious clients joining a server). ⚠️
 
 ### World / Server / Environment
 - Add bounds check for source index in IDropAction (_sofar_)