diff --git a/CHANGELOG.md b/CHANGELOG.md
index 17c1ba80d..d849809cd 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,13 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 ## [Unreleased]
 
 ### Security
+
+## [4.0.0]
+
+### Breaking Changes
+
+- **PostgreSQL 14+ is now a hard requirement:** The `lib/pq` driver has been updated to v1.11.2, which only supports PostgreSQL 14 and newer. Previously, PostgreSQL 17.x was the "tested and default" version, but older versions (e.g., PostgreSQL 13) may have still worked. With this update, **operators running PostgreSQL 13 or older must upgrade their database before upgrading Nebraska**. See the [Upgrade PostgreSQL](https://github.com/flatcar/nebraska/tree/main/charts/nebraska#upgrade-postgresql) migration guide for step-by-step instructions. ([#1300](https://github.com/flatcar/nebraska/pull/1300))
+
 ### Added
 
 - **Multi-Step Updates with Floor Packages:** Added support for mandatory intermediate update versions (floor packages) that clients must install before reaching the target version. This enables safe migration paths for breaking changes by ensuring clients update through specific versions in order. Floor packages can be configured per channel with optional reasons and are architecture-specific. ([#1195](https://github.com/flatcar/nebraska/pull/1195))
@@ -19,6 +26,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
   - Package list UI now updates immediately after blacklist changes
   - Channel edit dialog filters out blacklisted packages from selection
   - Floor package selection prevents choosing blacklisted packages with clear visual feedback
+- Improved reverse domain ID validation regex to eliminate inefficient nested quantifiers flagged by CodeQL, and extracted it into a shared constant with tests. ([#1222](https://github.com/flatcar/nebraska/pull/1222))
 
 ### Removed
 ### Bugfixes
diff --git a/README.md b/README.md
index f4011853f..e1522a9f7 100644
--- a/README.md
+++ b/README.md
@@ -15,6 +15,10 @@ Nebraska is an update manager for [Flatcar Container Linux](https://www.flatcar.
 
 [![OpenSSF Scorecard](https://api.scorecard.dev/projects/github.com/flatcar/nebraska/badge)](https://scorecard.dev/viewer/?uri=github.com/flatcar/nebraska)
 
+## Requirements
+
+- **PostgreSQL 14 or newer** (PostgreSQL 17.x recommended)
+
 ## Overview
 
 Nebraska offers an easy way to monitor and manage the rollout of updates to applications that use
diff --git a/charts/nebraska/README.md b/charts/nebraska/README.md
index 95ed192c4..7db76791c 100644
--- a/charts/nebraska/README.md
+++ b/charts/nebraska/README.md
@@ -64,6 +64,8 @@ The OIDC implementation has been refactored to use Authorization Code Flow with
 
 ## Upgrade PostgreSQL
 
+> **⚠️ Important:** Nebraska requires **PostgreSQL 14 or newer**. PostgreSQL 17.x is recommended. If you are running PostgreSQL 13 or older, you must upgrade your database before upgrading Nebraska to v4.0.0 or later.
+
 When there is a major upgrade of PostgreSQL, a manual intervention might be required with a downtime. It is possible to automate things with operators, but here's a simple example:
 
 1. Scale down Nebraska deployment: