diff --git a/CHANGES b/CHANGES
index c69f008b53e673a7660f7f0b725b2521880ec667..a73c827fc3e40af20f3d1dd151fcf1405d3ee924 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,10 @@
+# 3.0.4
+
+* Add check for CVE-2015-3226 (XSS via JSON keys)
+* Add check for CVE-2015-3227 (XML DoS)
+* Treat `<%==` as unescaped output
+* Update `ruby_parser` dependency to 3.7.0
+
 # 3.0.3
 
 * Ignore more Arel methods in SQL
diff --git a/lib/brakeman/version.rb b/lib/brakeman/version.rb
index 7a180e01f693fd99502855d93e79ea96852c0f95..97a78007ef783c0e55c2c6549217e4147bc6fa39 100644
--- a/lib/brakeman/version.rb
+++ b/lib/brakeman/version.rb
@@ -1,3 +1,3 @@
 module Brakeman
- Version = "3.0.3"
+ Version = "3.0.4"
 end