diff --git a/change-notes/2020-05-12-tainted-path.md b/change-notes/2020-05-12-tainted-path.md new file mode 100644 index 00000000000..ccd78ed7d1f --- /dev/null +++ b/change-notes/2020-05-12-tainted-path.md @@ -0,0 +1,4 @@ +lgtm,codescanning +* The queries "Uncontrolled data used in path expression" and "Arbitrary file write during zip + extraction ("zip slip")" have been improved to recognize more file APIs, which may lead to more + alerts.
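Review bot: The added bullet says the two queries now recognize "more file APIs" without naming any of them, so a user who sees new alerts after upgrading cannot tell which calls are newly treated as path sinks. Consider listing the packages or functions that were added, or linking to the query change that added them. As a style point, the second query title nests double quotes ("zip slip") inside a double-quoted name; using single quotes or backticks for the inner term would keep the title boundaries unambiguous.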