diff --git a/website/content/en/releases/14.3R/errata.adoc b/website/content/en/releases/14.3R/errata.adoc
index 2b20c4c49a..a067cccbd0 100644
--- a/website/content/en/releases/14.3R/errata.adoc
+++ b/website/content/en/releases/14.3R/errata.adoc
@@ -1,133 +1,134 @@
 ---
 title: "FreeBSD 14.3-RELEASE Errata"
 sidenav: download
 ---
 
 :release: 14.3-RELEASE
 :releaseNext: 14.4-RELEASE
 :releaseBranch: 14-STABLE
 
 = FreeBSD {release} Errata
 
 == Abstract
 
 This document lists errata items for FreeBSD {release}, containing significant information discovered after the release or too late in the release cycle to be otherwise included in the release documentation.
 This information includes security advisories, as well as news relating to the software or documentation that could affect its operation or usability.
 An up-to-date version of this document should always be consulted before installing this version of FreeBSD.
 
 This errata document for FreeBSD {release} will be maintained until the release of FreeBSD {releaseNext}.
 
 == Table of Contents
 
 * <<intro,Introduction>>
 * <<security,Security Advisories>>
 * <<errata,Errata Notices>>
 * <<open-issues,Open Issues>>
 * <<late-news,Late-Breaking News>>
 
 [[intro]]
 == Introduction
 
 This errata document contains "late-breaking news" about FreeBSD {release}.
 Before installing this version, it is important to consult this document to learn about any post-release discoveries or problems that may already have been found and fixed.
 
 Any version of this errata document actually distributed with the release (for example, on a CDROM distribution) will be out of date by definition, but other copies are kept updated on the Internet and should be consulted as the "current errata" for this release.
 These other copies of the errata are located at https://www.FreeBSD.org/releases/, plus any sites which keep up-to-date mirrors of this location.
 
 Source and binary snapshots of FreeBSD {releaseBranch} also contain up-to-date copies of this document (as of the time of the snapshot).
 
 For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/security/.
 
 [[security]]
 == Security Advisories
 
 [width="100%",cols="40%,30%,30%",options="header",]
 |===
 |Advisory |Date |Topic
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-25:07.libarchive.asc[FreeBSD-SA-25:07.libarchive] |8 August 2025 |Integer overflow in libarchive leading to double free
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-25:08.openssl.asc[FreeBSD-SA-25:08.openssl] |30 September 2025 |Multiple vulnerabilities in OpenSSL
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-25:09.netinet.asc[FreeBSD-SA-25:09.netinet] |22 October 2025 |SO_REUSEPORT_LB breaks connect(2) for UDP sockets
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-25:10.unbound.asc[FreeBSD-SA-25:10.unbound] |26 November 2025 |Cache poison in local-unbound service
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-25:11.ipfw.asc[FreeBSD-SA-25:11.ipfw] |16 December 2025 |ipfw denial of service
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-25:12.rtsold.asc[FreeBSD-SA-25:12.rtsold] |16 December 2025 |Remote code execution via ND6 Router Advertisements
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:01.openssl.asc[FreeBSD-SA-26:01.openssl] |27 January 2026 |Multiple vulnerabilities in OpenSSL
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:02.jail.asc[FreeBSD-SA-26:02.jail] |27 January 2026 |Jail escape by a privileged user via nullfs
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:04.jail.asc[FreeBSD-SA-26:04.jail] |24 February 2026 |Jail chroot escape via fd exchange with a different jail
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:05.route.asc[FreeBSD-SA-26:05.route] |24 February 2026 |Local DoS and possible privilege escalation via routing sockets
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:06.tcp.asc[FreeBSD-SA-26:06.tcp] |26 March 2026 |TCP: remotely exploitable DoS vector (mbuf leak)
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:08.rpcsec_gss.asc[FreeBSD-SA-26:08.rpcsec_gss] |26 March 2026 |Remote code execution via RPCSEC_GSS packet validation
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:09.pf.asc[FreeBSD-SA-26:09.pf] |26 March 2026 |pf silently ignores certain rules
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:10.tty.asc[FreeBSD-SA-26:10.tty] |21 April 2026 |Kernel use-after-free bug in the TIOCNOTTY handler
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:11.amd64.asc[FreeBSD-SA-26:11.amd64] |21 April 2026 |Missing large page handling in pmap_pkru_update_range()
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:12.dhclient.asc[FreeBSD-SA-26:12.dhclient] |29 April 2026 |Remote code execution via malicious DHCP options
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:13.exec.asc[FreeBSD-SA-26:13.exec] |29 April 2026 |Local privilege escalation via execve()
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:14.pf.asc[FreeBSD-SA-26:14.pf] |29 April 2026 |pf can overflow the stack parsing crafted SCTP packets
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:15.dhclient.asc[FreeBSD-SA-26:15.dhclient] |29 April 2026 |Remotely triggerable out-of-bounds heap write in dhclient
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:16.libnv.asc[FreeBSD-SA-26:16.libnv] |29 April 2026 |Stack overflow via select() file descriptor set overflow
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:17.libnv.asc[FreeBSD-SA-26:17.libnv] |29 April 2026 |Heap overflow in libnv
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:18.setcred.asc[FreeBSD-SA-26:18.setcred] |20 May 2026 |Stack buffer overflow via setcred(2)
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:19.file.asc[FreeBSD-SA-26:19.file] |20 May 2026 |Kernel use-after-free via file descriptor syscalls
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:20.fusefs.asc[FreeBSD-SA-26:20.fusefs] |20 May 2026 |Heap overflow in FUSE_LISTXATTR
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:21.ptrace.asc[FreeBSD-SA-26:21.ptrace] |20 May 2026 |Missing validation in ptrace(PT_SC_REMOTE)
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:22.libcasper.asc[FreeBSD-SA-26:22.libcasper] |20 May 2026 |select(2) file descriptor set overflow causes stack overflow
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:23.bsdinstall.asc[FreeBSD-SA-26:23.bsdinstall] |20 May 2026 |Remote code execution via installer Wi-Fi access point scans
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:24.cap_net.asc[FreeBSD-SA-26:24.cap_net] |20 May 2026 |Incorrect libcap_net limitation list manipulation
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:25.thr.asc[FreeBSD-SA-26:25.thr] |9 June 2026 |Missing permission check in thr_kill2(2)
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:26.ktls.asc[FreeBSD-SA-26:26.ktls] |9 June 2026 |Arbitrary file overwrite via the KTLS receive path
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:27.sound.asc[FreeBSD-SA-26:27.sound] |9 June 2026 |Multiple vulnerabilities in the sound(4) mmap path
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:28.capsicum.asc[FreeBSD-SA-26:28.capsicum] |9 June 2026 |sigqueue(2) missing capability mode restriction
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:29.ip6_multicast.asc[FreeBSD-SA-26:29.ip6_multicast] |9 June 2026 |Use-after-free bug in the IPV6_MSFILTER socket option handler
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:30.linux.asc[FreeBSD-SA-26:30.linux] |9 June 2026 |Flaw in Linuxulator execution of setugid binaries
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:31.arm64.asc[FreeBSD-SA-26:31.arm64] |9 June 2026 |Arm CPU errata may bypass page table permission changes
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:32.elf.asc[FreeBSD-SA-26:32.elf] |9 June 2026 |ASLR bypass for setuid executables via procctl(2)
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:33.unbound.asc[FreeBSD-SA-26:33.unbound] |9 June 2026 |Multiple vulnerabilities in unbound
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:34.vt.asc[FreeBSD-SA-26:34.vt] |9 June 2026 |Integer overflow in vt(4) CONS_HISTORY ioctl
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:35.openssl.asc[FreeBSD-SA-26:35.openssl] |9 June 2026 |Multiple vulnerabilities in OpenSSL
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:36.ldns.asc[FreeBSD-SA-26:36.ldns] |9 June 2026 |Insufficient response validation in the ldns stub resolver
 |===
 
 [[errata]]
 == Errata Notices
 
 [width="100%",cols="40%,30%,30%",options="header",]
 |===
 |Errata |Date |Topic
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-25:10.zfs.asc[FreeBSD-EN-25:10.zfs] |2 July 2025 |Corruption in ZFS replication streams from encrypted datasets
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-25:12.efi.asc[FreeBSD-EN-25:12.efi] |8 August 2025 |bsdinstall(8) not copying the correct loader on systems with
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-25:13.wlan_tkip.asc[FreeBSD-EN-25:13.wlan_tkip] |8 August 2025 |net80211 TKIP crypto support fails for some drivers
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-25:14.route.asc[FreeBSD-EN-25:14.route] |8 August 2025 |route(8) monitor buffers too much when redirected to a file
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-25:15.arm64.asc[FreeBSD-EN-25:15.arm64] |16 September 2025 |arm64 syscall(2) allows unprivileged user to panic kernel
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-25:16.vfs.asc[FreeBSD-EN-25:16.vfs] |16 September 2025 |copy_file_range(2) fails to set output parameters
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-25:17.bnxt.asc[FreeBSD-EN-25:17.bnxt] |16 September 2025 |bnxt(4) fails to set media type in some cases
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-25:18.freebsd-update.asc[FreeBSD-EN-25:18.freebsd-update] |30 September 2025 |freebsd-update(8) installs libraries in incorrect order
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:02.arm64.asc[FreeBSD-EN-26:02.arm64] |27 January 2026 |arm64 SVE signal context misalignment
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:03.vm.asc[FreeBSD-EN-26:03.vm] |27 January 2026 |The page fault handler fails to zero memory
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:05.vm.asc[FreeBSD-EN-26:05.vm] |21 April 2026 |The page fault handler fails to zero memory
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:06.timerfd.asc[FreeBSD-EN-26:06.timerfd] |21 April 2026 |Periodic timerfd(2) timers may produce incorrect results
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:09.tzdata.asc[FreeBSD-EN-26:09.tzdata] |29 April 2026 |Timezone database information update
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:10.amd64.asc[FreeBSD-EN-26:10.amd64] |29 April 2026 |TLB invalidation bug on AMD systems with INVLPGB
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:11.dhclient.asc[FreeBSD-EN-26:11.dhclient] |1 May 2026 |dhclient(8) lease validation is too strict
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:12.freebsd-update.asc[FreeBSD-EN-26:12.freebsd-update] |1 May 2026 |Source inconsistency between freebsd-update, EN/SAs, and git
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:13.freebsd-update.asc[FreeBSD-EN-26:13.freebsd-update] |20 May 2026 |freebsd-update attempts to merge a generated file
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:15.openssl.asc[FreeBSD-EN-26:15.openssl] |9 June 2026 |Update OpenSSL to 3.0.20 and 3.5.6
 |===
 
 [[open-issues]]
 == Open Issues
 
 * When "restarting" the FreeBSD installation process, some values are remembered and not re-prompted.
 
 * The installer produces a non-booting system in the (non-default) combination of MBR and ZFS.
 
 * SCTP can use deprecated addresses even when `net.inet6.ip6.use_deprecated` is set to zero (non-default).
 
 * Unloading the `snd_dummy` kernel module can cause a kernel panic.
 
 * Some wifi drivers fail to connect to networks using the (long-deprecated) TKIP protocol.
 
 [[late-news]]
 == Late-Breaking News
 
 [[late-287482]]
 The ZFS raw virtual machine image for AMD64 is prone to kernel panics (link:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=287482[bug 287482]).
 `FreeBSD-14.3-RELEASE-amd64-zfs.raw.xz` has been removed from download.freebsd.org but remains available for reference on archive.freebsd.org.
 Torrents of the file should be avoided.
diff --git a/website/content/en/releases/14.4R/errata.adoc b/website/content/en/releases/14.4R/errata.adoc
index 4f6eedbc5f..df26ddd969 100644
--- a/website/content/en/releases/14.4R/errata.adoc
+++ b/website/content/en/releases/14.4R/errata.adoc
@@ -1,108 +1,109 @@
 ---
 title: "FreeBSD 14.4-RELEASE Errata"
 sidenav: download
 ---
 
 :release: 14.4-RELEASE
 :releaseNext: 14.5-RELEASE
 :releaseBranch: 14-STABLE
 
 = FreeBSD {release} Errata
 
 == Abstract
 
 This document lists errata items for FreeBSD {release}, containing significant information discovered after the release or too late in the release cycle to be otherwise included in the release documentation.
 This information includes security advisories, as well as news relating to the software or documentation that could affect its operation or usability.
 An up-to-date version of this document should always be consulted before installing this version of FreeBSD.
 
 This errata document for FreeBSD {release} will be maintained until the release of FreeBSD {releaseNext}.
 
 == Table of Contents
 
 * <<intro,Introduction>>
 * <<security,Security Advisories>>
 * <<errata,Errata Notices>>
 * <<open-issues,Open Issues>>
 * <<late-news,Late-Breaking News>>
 
 [[intro]]
 == Introduction
 
 This errata document contains "late-breaking news" about FreeBSD {release}.
 Before installing this version, it is important to consult this document to learn about any post-release discoveries or problems that may already have been found and fixed.
 
 Any version of this errata document actually distributed with the release (for example, on a CDROM distribution) will be out of date by definition, but other copies are kept updated on the Internet and should be consulted as the "current errata" for this release.
 These other copies of the errata are located at https://www.FreeBSD.org/releases/, plus any sites which keep up-to-date mirrors of this location.
 
 Source and binary snapshots of FreeBSD {releaseBranch} also contain up-to-date copies of this document (as of the time of the snapshot).
 
 For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/security/.
 
 [[security]]
 == Security Advisories
 
 [width="100%",cols="40%,30%,30%",options="header",]
 |===
 |Advisory |Date |Topic
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:06.tcp.asc[FreeBSD-SA-26:06.tcp] |26 March 2026 |TCP: remotely exploitable DoS vector (mbuf leak)
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:08.rpcsec_gss.asc[FreeBSD-SA-26:08.rpcsec_gss] |26 March 2026 |Remote code execution via RPCSEC_GSS packet validation
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:09.pf.asc[FreeBSD-SA-26:09.pf] |26 March 2026 |pf silently ignores certain rules
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:10.tty.asc[FreeBSD-SA-26:10.tty] |21 April 2026 |Kernel use-after-free bug in the TIOCNOTTY handler
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:11.amd64.asc[FreeBSD-SA-26:11.amd64] |21 April 2026 |Missing large page handling in pmap_pkru_update_range()
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:12.dhclient.asc[FreeBSD-SA-26:12.dhclient] |29 April 2026 |Remote code execution via malicious DHCP options
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:13.exec.asc[FreeBSD-SA-26:13.exec] |29 April 2026 |Local privilege escalation via execve()
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:14.pf.asc[FreeBSD-SA-26:14.pf] |29 April 2026 |pf can overflow the stack parsing crafted SCTP packets
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:15.dhclient.asc[FreeBSD-SA-26:15.dhclient] |29 April 2026 |Remotely triggerable out-of-bounds heap write in dhclient
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:16.libnv.asc[FreeBSD-SA-26:16.libnv] |29 April 2026 |Stack overflow via select() file descriptor set overflow
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:17.libnv.asc[FreeBSD-SA-26:17.libnv] |29 April 2026 |Heap overflow in libnv
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:18.setcred.asc[FreeBSD-SA-26:18.setcred] |20 May 2026 |Stack buffer overflow via setcred(2)
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:19.file.asc[FreeBSD-SA-26:19.file] |20 May 2026 |Kernel use-after-free via file descriptor syscalls
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:20.fusefs.asc[FreeBSD-SA-26:20.fusefs] |20 May 2026 |Heap overflow in FUSE_LISTXATTR
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:21.ptrace.asc[FreeBSD-SA-26:21.ptrace] |20 May 2026 |Missing validation in ptrace(PT_SC_REMOTE)
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:22.libcasper.asc[FreeBSD-SA-26:22.libcasper] |20 May 2026 |select(2) file descriptor set overflow causes stack overflow
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:23.bsdinstall.asc[FreeBSD-SA-26:23.bsdinstall] |20 May 2026 |Remote code execution via installer Wi-Fi access point scans
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:24.cap_net.asc[FreeBSD-SA-26:24.cap_net] |20 May 2026 |Incorrect libcap_net limitation list manipulation
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:25.thr.asc[FreeBSD-SA-26:25.thr] |9 June 2026 |Missing permission check in thr_kill2(2)
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:26.ktls.asc[FreeBSD-SA-26:26.ktls] |9 June 2026 |Arbitrary file overwrite via the KTLS receive path
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:27.sound.asc[FreeBSD-SA-26:27.sound] |9 June 2026 |Multiple vulnerabilities in the sound(4) mmap path
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:28.capsicum.asc[FreeBSD-SA-26:28.capsicum] |9 June 2026 |sigqueue(2) missing capability mode restriction
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:29.ip6_multicast.asc[FreeBSD-SA-26:29.ip6_multicast] |9 June 2026 |Use-after-free bug in the IPV6_MSFILTER socket option handler
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:30.linux.asc[FreeBSD-SA-26:30.linux] |9 June 2026 |Flaw in Linuxulator execution of setugid binaries
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:31.arm64.asc[FreeBSD-SA-26:31.arm64] |9 June 2026 |Arm CPU errata may bypass page table permission changes
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:32.elf.asc[FreeBSD-SA-26:32.elf] |9 June 2026 |ASLR bypass for setuid executables via procctl(2)
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:33.unbound.asc[FreeBSD-SA-26:33.unbound] |9 June 2026 |Multiple vulnerabilities in unbound
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:34.vt.asc[FreeBSD-SA-26:34.vt] |9 June 2026 |Integer overflow in vt(4) CONS_HISTORY ioctl
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:35.openssl.asc[FreeBSD-SA-26:35.openssl] |9 June 2026 |Multiple vulnerabilities in OpenSSL
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:36.ldns.asc[FreeBSD-SA-26:36.ldns] |9 June 2026 |Insufficient response validation in the ldns stub resolver
 |===
 
 [[errata]]
 == Errata Notices
 
 [width="100%",cols="40%,30%,30%",options="header",]
 |===
 |Errata |Date |Topic
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:05.vm.asc[FreeBSD-EN-26:05.vm] |21 April 2026 |The page fault handler fails to zero memory
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:06.timerfd.asc[FreeBSD-EN-26:06.timerfd] |21 April 2026 |Periodic timerfd(2) timers may produce incorrect results
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:09.tzdata.asc[FreeBSD-EN-26:09.tzdata] |29 April 2026 |Timezone database information update
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:10.amd64.asc[FreeBSD-EN-26:10.amd64] |29 April 2026 |TLB invalidation bug on AMD systems with INVLPGB
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:11.dhclient.asc[FreeBSD-EN-26:11.dhclient] |1 May 2026 |dhclient(8) lease validation is too strict
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:12.freebsd-update.asc[FreeBSD-EN-26:12.freebsd-update] |1 May 2026 |Source inconsistency between freebsd-update, EN/SAs, and git
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:13.freebsd-update.asc[FreeBSD-EN-26:13.freebsd-update] |20 May 2026 |freebsd-update attempts to merge a generated file
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:15.openssl.asc[FreeBSD-EN-26:15.openssl] |9 June 2026 |Update OpenSSL to 3.0.20 and 3.5.6
 |===
 
 [[open-issues]]
 == Open Issues
 
 1. **man:freebsd-update[8]** commands such as `fetch` or `install` may hang when man:pkg[8] is not bootstrapped on the system. +
 **Workaround**: run man:pkg[8] to install the package management tool, then reuse man:freebsd-update[8]. +
 **State**: open - https://bugs.freebsd.org/293516 +
 
 2. **man:loader_lua[8]** A regression in the boot loader scripts causes the wrong kernel to be selected if /boot/kernel is a symlink. +
 **Workaround**: Disable automatic kernel detection by adding kernels_autodetect="NO" to [.filename]#/boot/loader.conf#. +
 **State**: fixed in main - https://bugs.freebsd.org/293654 +
 
 [[late-news]]
 == Late-Breaking News
 
 No late-breaking news.
diff --git a/website/content/en/releases/15.0R/errata.adoc b/website/content/en/releases/15.0R/errata.adoc
index 8316c7d8f8..0a35ba1a06 100644
--- a/website/content/en/releases/15.0R/errata.adoc
+++ b/website/content/en/releases/15.0R/errata.adoc
@@ -1,133 +1,135 @@
 ---
 title: "FreeBSD 15.0-RELEASE Errata"
 sidenav: download
 ---
 
 :release: 15.0-RELEASE
 :releaseNext: 15.1-RELEASE
 :releaseBranch: 15-STABLE
 
 = FreeBSD {release} Errata
 
 == Abstract
 
 This document lists errata items for FreeBSD {release}, containing significant information discovered after the release or too late in the release cycle to be otherwise included in the release documentation.
 This information includes security advisories, as well as news relating to the software or documentation that could affect its operation or usability.
 An up-to-date version of this document should always be consulted before installing this version of FreeBSD.
 
 This errata document for FreeBSD {release} will be maintained until the release of FreeBSD {releaseNext}.
 
 == Table of Contents
 
 * <<intro,Introduction>>
 * <<security,Security Advisories>>
 * <<errata,Errata Notices>>
 * <<open-issues,Open Issues>>
 * <<late-news,Late-Breaking News>>
 
 [[intro]]
 == Introduction
 
 This errata document contains "late-breaking news" about FreeBSD {release}.
 Before installing this version, it is important to consult this document to learn about any post-release discoveries or problems that may already have been found and fixed.
 
 Any version of this errata document actually distributed with the release (for example, on a CDROM distribution) will be out of date by definition, but other copies are kept updated on the Internet and should be consulted as the "current errata" for this release.
 These other copies of the errata are located at https://www.FreeBSD.org/releases/, plus any sites which keep up-to-date mirrors of this location.
 
 Source and binary snapshots of FreeBSD {releaseBranch} also contain up-to-date copies of this document (as of the time of the snapshot).
 
 For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/security/.
 
 [[security]]
 == Security Advisories
 
 [width="100%",cols="40%,30%,30%",options="header",]
 |===
 |Advisory |Date |Topic
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-25:12.rtsold.asc[FreeBSD-SA-25:12.rtsold] |16 December 2025 |Remote code execution via ND6 Router Advertisements
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:01.openssl.asc[FreeBSD-SA-26:01.openssl] |27 January 2026 |Multiple vulnerabilities in OpenSSL
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:03.blocklistd.asc[FreeBSD-SA-26:03.blocklistd] |10 February 2026 |blocklistd(8) socket leak
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:05.route.asc[FreeBSD-SA-26:05.route] |24 February 2026 |Local DoS and possible privilege escalation via routing sockets
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:06.tcp.asc[FreeBSD-SA-26:06.tcp] |26 March 2026 |TCP: remotely exploitable DoS vector (mbuf leak)
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:07.nvmf.asc[FreeBSD-SA-26:07.nvmf] |26 March 2026 |Remote denial of service via null pointer dereference
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:08.rpcsec_gss.asc[FreeBSD-SA-26:08.rpcsec_gss] |26 March 2026 |Remote code execution via RPCSEC_GSS packet validation
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:09.pf.asc[FreeBSD-SA-26:09.pf] |26 March 2026 |pf silently ignores certain rules
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:10.tty.asc[FreeBSD-SA-26:10.tty] |21 April 2026 |Kernel use-after-free bug in the TIOCNOTTY handler
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:11.amd64.asc[FreeBSD-SA-26:11.amd64] |21 April 2026 |Missing large page handling in pmap_pkru_update_range()
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:12.dhclient.asc[FreeBSD-SA-26:12.dhclient] |29 April 2026 |Remote code execution via malicious DHCP options
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:13.exec.asc[FreeBSD-SA-26:13.exec] |29 April 2026 |Local privilege escalation via execve()
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:14.pf.asc[FreeBSD-SA-26:14.pf] |29 April 2026 |pf can overflow the stack parsing crafted SCTP packets
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:15.dhclient.asc[FreeBSD-SA-26:15.dhclient] |29 April 2026 |Remotely triggerable out-of-bounds heap write in dhclient
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:16.libnv.asc[FreeBSD-SA-26:16.libnv] |29 April 2026 |Stack overflow via select() file descriptor set overflow
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:17.libnv.asc[FreeBSD-SA-26:17.libnv] |29 April 2026 |Heap overflow in libnv
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:18.setcred.asc[FreeBSD-SA-26:18.setcred] |20 May 2026 |Stack buffer overflow via setcred(2)
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:19.file.asc[FreeBSD-SA-26:19.file] |20 May 2026 |Kernel use-after-free via file descriptor syscalls
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:20.fusefs.asc[FreeBSD-SA-26:20.fusefs] |20 May 2026 |Heap overflow in FUSE_LISTXATTR
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:21.ptrace.asc[FreeBSD-SA-26:21.ptrace] |20 May 2026 |Missing validation in ptrace(PT_SC_REMOTE)
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:22.libcasper.asc[FreeBSD-SA-26:22.libcasper] |20 May 2026 |select(2) file descriptor set overflow causes stack overflow
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:23.bsdinstall.asc[FreeBSD-SA-26:23.bsdinstall] |20 May 2026 |Remote code execution via installer Wi-Fi access point scans
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:24.cap_net.asc[FreeBSD-SA-26:24.cap_net] |20 May 2026 |Incorrect libcap_net limitation list manipulation
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:25.thr.asc[FreeBSD-SA-26:25.thr] |9 June 2026 |Missing permission check in thr_kill2(2)
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:26.ktls.asc[FreeBSD-SA-26:26.ktls] |9 June 2026 |Arbitrary file overwrite via the KTLS receive path
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:27.sound.asc[FreeBSD-SA-26:27.sound] |9 June 2026 |Multiple vulnerabilities in the sound(4) mmap path
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:28.capsicum.asc[FreeBSD-SA-26:28.capsicum] |9 June 2026 |sigqueue(2) missing capability mode restriction
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:29.ip6_multicast.asc[FreeBSD-SA-26:29.ip6_multicast] |9 June 2026 |Use-after-free bug in the IPV6_MSFILTER socket option handler
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:30.linux.asc[FreeBSD-SA-26:30.linux] |9 June 2026 |Flaw in Linuxulator execution of setugid binaries
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:31.arm64.asc[FreeBSD-SA-26:31.arm64] |9 June 2026 |Arm CPU errata may bypass page table permission changes
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:32.elf.asc[FreeBSD-SA-26:32.elf] |9 June 2026 |ASLR bypass for setuid executables via procctl(2)
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:33.unbound.asc[FreeBSD-SA-26:33.unbound] |9 June 2026 |Multiple vulnerabilities in unbound
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:34.vt.asc[FreeBSD-SA-26:34.vt] |9 June 2026 |Integer overflow in vt(4) CONS_HISTORY ioctl
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:35.openssl.asc[FreeBSD-SA-26:35.openssl] |9 June 2026 |Multiple vulnerabilities in OpenSSL
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:36.ldns.asc[FreeBSD-SA-26:36.ldns] |9 June 2026 |Insufficient response validation in the ldns stub resolver
 |===
 
 [[errata]]
 == Errata Notices
 
 [width="100%",cols="40%,30%,30%",options="header",]
 |===
 |Errata |Date |Topic
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-25:19.zfs.asc[FreeBSD-EN-25:19.zfs] |16 December 2025 |Unprivileged kernel NULL pointer dereference
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-25:20.vmm.asc[FreeBSD-EN-25:20.vmm] |16 December 2025 |bhyve(8) PCI passthru regression
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:01.devinfo.asc[FreeBSD-EN-26:01.devinfo] |27 January 2026 |devinfo output formatting regression
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:02.arm64.asc[FreeBSD-EN-26:02.arm64] |27 January 2026 |arm64 SVE signal context misalignment
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:03.vm.asc[FreeBSD-EN-26:03.vm] |27 January 2026 |The page fault handler fails to zero memory
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:04.arm64.asc[FreeBSD-EN-26:04.arm64] |10 February 2026 |Kernel panic when dumping process core on arm64
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:05.vm.asc[FreeBSD-EN-26:05.vm] |21 April 2026 |The page fault handler fails to zero memory
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:06.timerfd.asc[FreeBSD-EN-26:06.timerfd] |21 April 2026 |Periodic timerfd(2) timers may produce incorrect results
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:07.pkgbase.asc[FreeBSD-EN-26:07.pkgbase] |21 April 2026 |Base packages fail to build with newer versions of libucl
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:08.pf.asc[FreeBSD-EN-26:08.pf] |29 April 2026 |Incorrect duplicate rule detection for automatic tables
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:09.tzdata.asc[FreeBSD-EN-26:09.tzdata] |29 April 2026 |Timezone database information update
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:10.amd64.asc[FreeBSD-EN-26:10.amd64] |29 April 2026 |TLB invalidation bug on AMD systems with INVLPGB
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:11.dhclient.asc[FreeBSD-EN-26:11.dhclient] |1 May 2026 |dhclient(8) lease validation is too strict
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:12.freebsd-update.asc[FreeBSD-EN-26:12.freebsd-update] |1 May 2026 |Source inconsistency between freebsd-update, EN/SAs, and git
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:13.freebsd-update.asc[FreeBSD-EN-26:13.freebsd-update] |20 May 2026 |freebsd-update attempts to merge a generated file
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:14.syslogd.asc[FreeBSD-EN-26:14.syslogd] |9 June 2026 |syslogd(8) memory leak in casper_ttymsg()
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:15.openssl.asc[FreeBSD-EN-26:15.openssl] |9 June 2026 |Update OpenSSL to 3.0.20 and 3.5.6
 |===
 
 [[open-issues]]
 == Open Issues
 
 1. **man:ipfw[8]** denies networking when booting a 15.0 kernel with 14.3 userland +
 **Workaround**: disable man:ipfw[8] or upgrade completely before rebooting man:ipfw[8] systems +
 **State**: open - https://bugs.freebsd.org/291562 +
 
 2. **man:devinfo[8]** output format accidentally changed +
 **Workaround**: users parsing man:devinfo[8] must build it from a newer source +
 **State**: reverted in FreeBSD 15.0-RELEASE-p2 -  https://www.FreeBSD.org/security/advisories/FreeBSD-EN-26:01.devinfo.asc +
 
 3. **man:pkgbase[7]** system upgrading from 14.3 to 15.0 is not supported +
 **Workaround**: systems installed with man:pkgbase[7] must backup and reinstall +
 **State**: works as intended, man:pkgbase[7] is an experimental preview +
 
 4. **FreeBSD/powerpc** images do not boot on Apple G5 systems +
 **Workaround**: do not install this release on Apple G5 systems +
 **State**: fixed in main - https://bugs.freebsd.org/292341 +
 
 5. **man:loader.efi[8]** has a regression preventing boot on some systems with remote serial console facilities including HPE systems +
 **Workaround**: unset `hw.uart.console` at the man:loader[8] prompt if it hangs and/or instant reboots when loading the kernel +
 **State**: fixed in main - https://bugs.freebsd.org/291461 +
 
 [[late-news]]
 == Late-Breaking News
 
 No late-breaking news.