diff --git a/changes/v4.3.22-en.md b/changes/v4.3.22-en.md
index c859b7e5a..4fc08477d 100644
--- a/changes/v4.3.22-en.md
+++ b/changes/v4.3.22-en.md
@@ -10,6 +10,9 @@
 
 - JWT ACL claim supports `all` action to imply the rules applie to both `pub` and `sub` [#9044](https://github.com/emqx/emqx/pull/9044).
 
+- Added a log censor to avoid logging sensitive data [#9189](https://github.com/emqx/emqx/pull/9189).
+  If the data to be logged is a map or key-value list which contains sensitive key words such as `password`, the value is obfuscated as `******`.
+
 ## Bug fixes
 
 - Fix that after uploading a backup file with an UTF8 filename, HTTP API `GET /data/export` fails with status code 500 [#9224](https://github.com/emqx/emqx/pull/9224).
diff --git a/changes/v4.3.22-zh.md b/changes/v4.3.22-zh.md
index afe709ffe..696cce5ca 100644
--- a/changes/v4.3.22-zh.md
+++ b/changes/v4.3.22-zh.md
@@ -10,6 +10,9 @@
 
 - 基于 JWT 的 ACL 支持 `all` 动作，指定同时适用于 `pub` 和 `sub` 两个动作的规则列表 [#9044](https://github.com/emqx/emqx/pull/9044)。
 
+- 增强包含敏感数据的日志的安全性 [#9189](https://github.com/emqx/emqx/pull/9189)。
+  如果日志中包含敏感关键词，例如 `password`，那么关联的数据回被模糊化处理，替换成 `******`。
+
 ## 修复
 
 - 修复若上传的备份文件名中包含 UTF8 字符，`GET /data/export` HTTP 接口返回 500 错误 [#9224](https://github.com/emqx/emqx/pull/9224)。