diff --git a/docs/docs.json b/docs/docs.json
index d6b65104..15eda5dc 100644
--- a/docs/docs.json
+++ b/docs/docs.json
@@ -894,14 +894,15 @@
"group": "Release Notes",
"pages": [
"resources/release-notes/summary",
+ "resources/release-notes/2026-07-07",
"resources/release-notes/2026-06-17",
- "resources/release-notes/2026-05-28",
{
"group": "Archive",
"pages": [
{
"group": "2026",
"pages": [
+ "resources/release-notes/2026-05-28",
"resources/release-notes/2026-05-06",
"resources/release-notes/2026-04-13",
"resources/release-notes/2026-03-23",
diff --git a/docs/manage-bloodhound/auth/users-and-roles.mdx b/docs/manage-bloodhound/auth/users-and-roles.mdx
index 37aef12b..3e675014 100644
--- a/docs/manage-bloodhound/auth/users-and-roles.mdx
+++ b/docs/manage-bloodhound/auth/users-and-roles.mdx
@@ -69,5 +69,5 @@ For OpenGraph extensions, BloodHound separates read and write permissions. Users
| Run collector client on-demand scan \[BHE\] | | | - | - | - | - |
| Add, modify, and remove a collector client \[BHE\] | | | - | - | - | - |
| Regenerate collector client credentials \[BHE\] | | | - | - | - | - |
-| File Ingest | | | - | - | - | |
+| File Ingest | | | | - | - | |
diff --git a/docs/resources/release-notes/2026-07-07.mdx b/docs/resources/release-notes/2026-07-07.mdx
new file mode 100644
index 00000000..e366ad66
--- /dev/null
+++ b/docs/resources/release-notes/2026-07-07.mdx
@@ -0,0 +1,154 @@
+---
+title: 2026-07-07 Release Notes
+description: Learn about new features, enhancements, and fixed issues in BloodHound.
+sidebarTitle: "2026-07-07"
+---
+
+| | | | | |
+| --- | --- | --- | --- | --- |
+| **Release** | **BloodHound** | **OpenHound** | **SharpHound** | **AzureHound** |
+| 2026-07-07 | v9.4.0 | v0.2.11 | No release | No release |
+
+
+ Use the filters on the right side of this page to narrow down the updates by component. You can select multiple filters at the same time to refine your results.
+
+
+
+ {/*BED-8608, BED-8609*/}
+ ## Graph ID Lookup APIs
+
+ Retrieve details for specific OpenGraph nodes and relationships by their graph-assigned integer IDs.
+
+ BloodHound now exposes the following experimental OpenGraph API endpoints:
+
+ - [`GET /api/v2/nodes/{node_id}`](/reference/opengraph-experimental/get-node-by-graph-node-id)
+ - [`GET /api/v2/relationships/{relationship_id}`](/reference/opengraph-experimental/get-relationship-by-graph-relationship-id)
+
+
+
+ {/*BED-8518, BED-8519, BED-8588*/}
+ ## Auditor Role Access Improvements
+
+ Allow auditors to review **File Ingest** activity and **SSO Configuration** details.
+
+ Auditors can now access these administration views in a read-only state while actions, such as uploading files or creating providers, remain restricted to [roles](/manage-bloodhound/auth/users-and-roles) with write access.
+
+
+
+ {/*BED-8189*/}
+ ## Updated Default Admin Email Address
+
+ Use a more appropriate default admin email address in BloodHound Community configuration and example files.
+
+ BloodHound Community now uses `admin@example.com` instead of `spam@example.com` for the [`default_admin.email_address`](/manage-bloodhound/bh-config#default_admin-email_address) configuration property and related examples.
+
+
+ Existing workflows that still rely on the previous email address for initial login may need to be updated.
+
+
+
+
+ {/*BED-8777, BED-8747, BED-8746, BED-8744, BED-8693*/}
+ ## More Resilient OpenHound Operations
+
+ Keep long-running OpenHound jobs alive, identify deployed client versions more easily, and troubleshoot failures with clearer logs.
+
+ OpenHound now:
+
+ - Continues checking in during active collections to reduce unintended job timeouts
+ - Continues collection more often when single-object errors occur
+ - Handles deferred pipeline failures more consistently
+ - Reports its version to BloodHound for visibility on the **Manage Clients** page
+ - Uses human-readable plain-text [log format](/openhound/configuration#log-format) by default for file and stdout output, while keeping structured JSON as an opt-in format
+
+
+
+ {/*BED-8303, BED-7739, BED-8520*/}
+ ## Privilege Zone Rule Authoring Improvements
+
+ Build and validate Privilege Zone [rules](/analyze-data/privilege-zones/rules) with less rework when you switch rule types or refine Cypher-based rules.
+
+ BloodHound now:
+
+ - Preserves rule state when you switch between Cypher and Object ID rule types
+ - Prompts you to rerun Cypher when the query changes
+ - Warns you with a confirmation dialog before saving a Cypher-based rule that returns no results
+
+
+ This helps when you expect a rule to return results after future data collection or changes in your environment.
+
+
+
+
+ {/*BED-7222, BED-7215, BED-7212, BED-8290*/}
+ ## Accessibility Improvements
+
+ Navigate BloodHound with clearer focus states, more consistent semantic structure, and better screen-reader labeling across key workflows.
+
+ This release improves accessible names and labels in administration forms, strengthens visible keyboard focus behavior, and refines headings and page structure to better support assistive technologies.
+
+
+
+ {/*BI-1814*/}
+ ## Higher Memory Limits for Cypher Queries
+
+
+
+ Run more complex Cypher queries in BloodHound Enterprise and return larger **Entity Panel** sections than were previously supported.
+
+
+
+ {/*BED-8276, BED-8781*/}
+ ## Variable Analysis Mode
+
+
+
+ See Privilege Zone updates reflected in your graph faster.
+
+ When you enable [Variable Analysis Mode](/analyze-data/findings/analysis#variable-analysis-mode) on the **Early Access** page, BloodHound Enterprise can skip post-processing after Privilege Zone changes and re-run only the analysis stages needed to update tagged objects and findings.
+
+ This reduces the time it takes for updated zone definitions and related findings to appear in the graph.
+
+
+
+ ## Analysis
+
+ {/*BED-5572*/} Resolved an issue where multi-forest environments that consolidated ADCS into one forest could produce false-positive ADCS ESC attack path edges when a **Computer** node belonged to a different forest than the **Enterprise CA**.
+
+ ## API
+
+ - {/*BED-8136*/} Resolved an issue where the [`GET /api/v2/datapipe/status`](/reference/datapipe/get-datapipe-status) endpoint did not reliably update `last_analysis_run_at` and did not expose the scheduled-analysis timestamps needed to track analysis cadence.
+ - {/*BED-4867*/} Resolved an issue where the [`related_entity_type`](/reference/azure-entities/get-azure-entity#parameter-related-entity-type) parameter on the **Get Azure entity** endpoint could respond too slowly for descendant objects of large **AZTenant** nodes and degrade the user experience in the UI.
+
+ ## Explore
+
+ - {/*BED-7040*/} Resolved an issue where saved query imports could fail for JSON files that used UTF-8 BOM encoding, including files packaged in ZIP archives.
+ - {/*BED-7883*/} Resolved an issue where Cypher equality comparisons could fail for values that contained special characters.
+
+ ## OpenGraph
+
+ - {/*BED-8656*/} Resolved an issue where dragging a file onto the **Quick Upload** dialog on the **OpenGraph Management** page could open the wrong dialog.
+ - {/*BED-8642*/} Resolved an issue where nodes with colons in their names could disappear from the **Search** and **Pathfinding** fields.
+ - {/*BED-8570*/} Resolved an issue where the OpenGraph extension deletion dialog accepted only one character at a time, preventing confirmation.
+ - {/*BED-8310*/} Resolved an issue where the Privilege Zone object details panel failed to load OpenGraph node data for rule-matched objects.
+
+ ## UI
+
+ - {/*BED-8754*/} Resolved focus-state inconsistencies on dropdown menus that could make active controls harder to distinguish.
+ - {/*BED-8390*/} Resolved an issue where parts of the **Posture** page used browser localization settings inconsistently.
+
+ ## Findings
+
+
+
+ {/*BED-8114*/} Resolved an issue where individual attack paths and their finding counts could appear on the **Posture** page but not on the **Attack Paths** page.
+
+
+
+ - {/*BED-8783*/} Resolved an issue where a stub `GH_Organization` node could overwrite a fully collected organization and incorrectly mark it as not collected.
+ - {/*BED-8687*/} Resolved an issue that could cause GitHub collections to fail during normalization.
+ - {/*BED-8689*/} Resolved issues that made large GitHub collections more likely to stall or fail when GitHub API rate limits were exhausted.
+ - {/*BED-8768, BED-8729, BED-8688*/} Resolved multiple Jamf collector failures involving preprocessing, database lookups, and ingest behavior.
+ - {/*BED-8692*/} Resolved an issue that could cause Okta and GitHub collections to fail in Kubernetes-based deployments.
+ - {/*BED-8855*/} Resolved an issue where OpenHound did not respect the default setting that disables anonymous telemetry data.
+
diff --git a/docs/resources/release-notes/summary.mdx b/docs/resources/release-notes/summary.mdx
index dd814031..59e0887e 100644
--- a/docs/resources/release-notes/summary.mdx
+++ b/docs/resources/release-notes/summary.mdx
@@ -20,6 +20,40 @@ SpecterOps is heading to Black Hat USA 2026 with training courses, technical bri
We're excited to share that SO-CON talks are now available [online](https://ghst.ly/SOCON26YT). We've also published the presentation slide decks in a public [GitHub repository](https://github.com/SpecterOps/presentations/tree/main/SO-CON%202026).
+## 2026-07-07
+
+| | | | | |
+| --- | --- | --- | --- | --- |
+| **Release** | **BloodHound** | **OpenHound** | **SharpHound** | **AzureHound** |
+| 2026-07-07 | v9.4.0 | v0.2.11 | No release | No release |
+
+This release opens more administration workflows to auditors in read-only mode, and improves OpenHound collection resilience. Key highlights include:
+
+- **OpenHound**: Keep long-running jobs alive, identify deployed client versions more easily, and troubleshoot failures with clearer logs.
+- **Cypher**: Run more complex Cypher queries in BloodHound Enterprise and return larger **Entity Panel** sections than were previously supported.
+
+### New Features
+
+| Component | Update | Summary |
+| --- | --- | --- |
+| API | [Graph ID Lookup APIs](/resources/release-notes/2026-07-07#graph-id-lookup-apis) | Retrieve nodes and relationships by graph-assigned integer IDs for targeted automation and investigation. |
+
+### Enhancements
+
+| Component | Update | Summary |
+| --- | --- | --- |
+| Administration | [Auditor Role Access Improvements](/resources/release-notes/2026-07-07#auditor-role-access-improvements) | Auditors may now review **File Ingest** activity and **SSO Configuration** details. |
+| Administration | [Updated Default Admin Email Address](/resources/release-notes/2026-07-07#updated-default-admin-email-address) | BloodHound Community now uses `admin@example.com` instead of `spam@example.com` in configuration and example files. |
+| Data Collection | [More Resilient OpenHound Operations](/resources/release-notes/2026-07-07#more-resilient-openhound-operations) | Keep OpenHound jobs alive longer, surface installed versions in BloodHound, and improve logging and failure handling. |
+| Cypher (Enterprise) | [Higher Memory Limits for Cypher Queries](/resources/release-notes/2026-07-07#higher-memory-limits-for-cypher-queries) | BloodHound Enterprise now uses a higher memory limit for Cypher queries. |
+| Zone Builder | [Privilege Zone Rule Authoring Improvements](/resources/release-notes/2026-07-07#privilege-zone-rule-authoring-improvements) | Preserve rule state across rule types and warn before saving Cypher-based rules that return no results. |
+| Zone Builder | [Variable Analysis Mode](/resources/release-notes/2026-07-07#variable-analysis-mode) | Skip post-processing after Privilege Zone changes so updated zone definitions and related findings appear faster in the graph. |
+| Accessibility | [Accessibility Improvements](/resources/release-notes/2026-07-07#accessibility-improvements) | Navigate key workflows with clearer focus states, semantic structure, and screen-reader labels. |
+
+### Fixed Issues
+
+See the [release notes](/resources/release-notes/2026-07-07#bloodhound-8) for a full list of fixed issues in this release.
+
## 2026-06-17
| | | | | |