diff --git a/docs/self-hosted/oel/keto/changelog/v26.2.4.md b/docs/self-hosted/oel/keto/changelog/v26.2.4.md new file mode 100644 index 000000000..fdbc4234b --- /dev/null +++ b/docs/self-hosted/oel/keto/changelog/v26.2.4.md @@ -0,0 +1,6 @@ +## v26.2.4 + +### Migrate Helm chart repository URL from k8s.ory.sh to k8s.ory.com + +The Helm chart repository URL has been updated from `k8s.ory.sh` to `k8s.ory.com`. The old URL will continue to work with +redirects for a limited time. Update your Helm repository configuration to use the new URL. diff --git a/docs/self-hosted/oel/kratos/changelog/v26.2.4.md b/docs/self-hosted/oel/kratos/changelog/v26.2.4.md new file mode 100644 index 000000000..a80b8f01b --- /dev/null +++ b/docs/self-hosted/oel/kratos/changelog/v26.2.4.md 
@@ -0,0 +1,51 @@ +## v26.2.4 + +### Fix settings flow requiring reauthentication when editing non-privileged traits on verified identities + +Users with a verified email address can now update non-privileged traits (such as first name or last name) through the settings +flow without being prompted to reauthenticate. Previously, the privileged-session check incorrectly triggered whenever any +verifiable address on the identity had a non-nil verification timestamp, because the internal deep copy of the identity corrupted +the timestamp's representation. + +Fixes [ory/kratos#4435](https://github.com/ory/kratos/issues/4435). + +### Improve the performance of finding identity credentials + +Kratos now loads identity credential type mappings from the database once at startup and caches them in memory for the lifetime of +the process. This eliminates a JOIN on the `identity_credential_types` table from every call to `FindByCredentialsIdentifier`, +reducing query cost and improving login performance. + +This also works for self-hosted installations that have non-standard UUIDs in the `identity_credential_types` table, from a time +where these UUIDs were dynamic (they now are constants). + +### Include `metadata_admin` in admin session endpoint responses + +Admin session endpoints now include `metadata_admin` in the expanded identity, consistent with admin identity endpoints. +Previously, `metadata_admin` was stripped from session responses even on admin endpoints. + +Affected endpoints: + +- `GET /admin/sessions?expand=identity` +- `GET /admin/sessions/{id}?expand=Identity` +- `GET /admin/identities/{id}/sessions` + +Public endpoints remain unchanged and continue to exclude `metadata_admin`. + +### Migrate Helm chart repository URL from k8s.ory.sh to k8s.ory.com + +The Helm chart repository URL has been updated from `k8s.ory.sh` to `k8s.ory.com`. The old URL will continue to work with +redirects for a limited time. 
Update your Helm repository configuration to use the new URL. + +### Support importing all credential types when updating an identity + +The `PUT /admin/identities/{id}` and `PATCH /admin/identities` endpoints now support importing credentials for all credential +types, consistent with what is already available when creating an identity. + +You can now import the following credential types via the update endpoint: + +- `totp`: Replaces existing TOTP credentials. +- `lookup_secret`: Adds new lookup secret codes to the existing set. +- `webauthn`: Preserves existing credentials, adds new ones, and updates credentials with matching IDs. +- `passkey`: Preserves existing credentials, adds new ones, and updates credentials with matching IDs. New user handles are + appended to the identifiers list. +- `oidc`, `saml`: Keeps existing credentials and adds the new ones to the list. diff --git a/docs/self-hosted/oel/oathkeeper/changelog/v26.2.4.md b/docs/self-hosted/oel/oathkeeper/changelog/v26.2.4.md new file mode 100644 index 000000000..fdbc4234b --- /dev/null +++ b/docs/self-hosted/oel/oathkeeper/changelog/v26.2.4.md @@ -0,0 +1,6 @@ +## v26.2.4 + +### Migrate Helm chart repository URL from k8s.ory.sh to k8s.ory.com + +The Helm chart repository URL has been updated from `k8s.ory.sh` to `k8s.ory.com`. The old URL will continue to work with +redirects for a limited time. Update your Helm repository configuration to use the new URL. diff --git a/docs/self-hosted/oel/oauth2/changelog/v26.2.4.md b/docs/self-hosted/oel/oauth2/changelog/v26.2.4.md new file mode 100644 index 000000000..e7e363b2b --- /dev/null +++ b/docs/self-hosted/oel/oauth2/changelog/v26.2.4.md 
@@ -0,0 +1,11 @@ +## v26.2.4 + +### Add `oauth2.preserve_ext_claims` configuration option + +When `mirror_top_level_claims` is disabled, custom claims not promoted to the top level of the access token were silently dropped. +The new `oauth2.preserve_ext_claims` setting (default `false`) keeps those claims in the `ext` object instead. + +### Migrate Helm chart repository URL from k8s.ory.sh to k8s.ory.com + +The Helm chart repository URL has been updated from `k8s.ory.sh` to `k8s.ory.com`. The old URL will continue to work with +redirects for a limited time. Update your Helm repository configuration to use the new URL. diff --git a/docs/self-hosted/oel/polis/changelog/v26.2.4.md b/docs/self-hosted/oel/polis/changelog/v26.2.4.md new file mode 100644 index 000000000..2e37fcc16 --- /dev/null +++ b/docs/self-hosted/oel/polis/changelog/v26.2.4.md @@ -0,0 +1 @@ +No changelog entries found for polis/oel in versions v26.2.4
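Review bot: In the Helm migration paragraph of keto/changelog/v26.2.4.md (repeated verbatim in the kratos, oathkeeper and oauth2 files), "for a limited time" gives operators no date to plan against, and both hosts appear only as bare hostnames. State when the `k8s.ory.sh` redirects end and give the full repository URL, scheme included, so that pinned CI and GitOps configurations can be changed to the exact value before the redirect goes away.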
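Review bot: In the "Affected endpoints" list of kratos/changelog/v26.2.4.md the expand value is spelled `expand=identity` on the first entry and `expand=Identity` on the second; use one spelling, or state that the parameter is case-insensitive if both are accepted. In the credential import list of the same file, `totp` is the only type described as "Replaces existing TOTP credentials" while every other type adds or preserves, so say explicitly that an update carrying `totp` discards the identity's current TOTP credential.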
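Review bot: In the `oauth2.preserve_ext_claims` section of oauth2/changelog/v26.2.4.md, "were silently dropped" reads as if the drop no longer happens, but with the stated default of `false` those claims are still dropped unless the option is enabled; use the present tense and say that the default keeps the existing behaviour. `mirror_top_level_claims` is also written without a configuration path while the new key is given as `oauth2.preserve_ext_claims`; give both keys with their full path.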
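Review bot: polis/changelog/v26.2.4.md consists of the single line "No changelog entries found for polis/oel in versions v26.2.4", which reads like generator output rather than page content and lacks the `## v26.2.4` heading that every other file in this patch starts with. Either leave the file out or add the heading and a reader-facing sentence such as "No changes in this release."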