diff --git a/.changeset/tough-dancers-suffer.md b/.changeset/tough-dancers-suffer.md
new file mode 100644
index 0000000000..fd439668db
--- /dev/null
+++ b/.changeset/tough-dancers-suffer.md
@@ -0,0 +1,23 @@
+---
+'@backstage/plugin-scaffolder-backend-module-gitlab': patch
+'@backstage/frontend-plugin-api': patch
+'@backstage/plugin-permission-backend': patch
+'@backstage/plugin-scaffolder-backend': patch
+'@backstage/plugin-permission-common': patch
+'@backstage/core-components': patch
+'@backstage/plugin-playlist-backend': patch
+'@backstage/plugin-scaffolder-react': patch
+'@backstage/plugin-catalog-backend': patch
+'@backstage/plugin-permission-node': patch
+'@backstage/plugin-scaffolder-node': patch
+'@backstage/backend-tasks': patch
+'@backstage/plugin-search-backend': patch
+'@backstage/core-app-api': patch
+'@backstage/plugin-scaffolder': patch
+'@backstage/cli-node': patch
+'@backstage/plugin-auth-node': patch
+'@backstage/cli': patch
+'@backstage/plugin-home': patch
+---
+
+Fixing regular expression ReDoS with zod packages. Upgrading to latest. ref: https://security.snyk.io/vuln/SNYK-JS-ZOD-5925617