diff --git a/change-notes/2021-10-27-insufficient-key-size-sanitizer.md b/change-notes/2021-10-27-insufficient-key-size-sanitizer.md
new file mode 100644
index 00000000000..5cd7a616e08
--- /dev/null
+++ b/change-notes/2021-10-27-insufficient-key-size-sanitizer.md
@@ -0,0 +1,3 @@
+lgtm,codescanning
+* The query "Use of a weak cryptographic key" has been improved to recognize more cases where the
+  key size should be considered to be safe, which should lead to fewer false positive results.