diff --git a/changelog/_2021Jan26.txt b/changelog/_2021Jan26.txt
new file mode 100644
index 0000000000..96506e916b
--- /dev/null
+++ b/changelog/_2021Jan26.txt
@@ -0,0 +1,8 @@
+```release-note:security
+Limited Unauthenticated Remove Peer: As of Vault 1.6, the remove-peer command
+on DR secondaries did not require authentication. This issue impacts the
+stability of HA architecture, as a bad actor could remove all standby
+nodes from a DR
+secondary. This issue affects Vault Enterprise 1.6.0 and 1.6.1, and is fixed in
+1.6.2 (CVE-2021-3282).
+```