diff --git a/CHANGELOG.md b/CHANGELOG.md
index c1c0639bd..965f75746 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,10 @@
+## [4.1.4](https://github.com/socketio/engine.io-client/compare/4.1.3...4.1.4) (2021-05-05)
+
+This release only contains a bump of `xmlhttprequest-ssl`, in order to fix the following vulnerability: https://www.npmjs.com/advisories/1665.
+
+Please note that `engine.io-client` was not directly impacted by this vulnerability, since we are always using `async: true`.
+
+
 ## [4.1.3](https://github.com/socketio/engine.io-client/compare/4.1.2...4.1.3) (2021-03-31)
 
 
diff --git a/dist/engine.io.js b/dist/engine.io.js
index b0a204d2f..959cea23e 100644
--- a/dist/engine.io.js
+++ b/dist/engine.io.js
@@ -1,5 +1,5 @@
 /*!
- * Engine.IO v4.1.3
+ * Engine.IO v4.1.4
  * (c) 2014-2021 Guillermo Rauch
  * Released under the MIT License.
  */
diff --git a/dist/engine.io.min.js b/dist/engine.io.min.js
index bd812a26e..ce27e87c5 100644
--- a/dist/engine.io.min.js
+++ b/dist/engine.io.min.js
@@ -1,5 +1,5 @@
 /*!
- * Engine.IO v4.1.3
+ * Engine.IO v4.1.4
  * (c) 2014-2021 Guillermo Rauch
  * Released under the MIT License.
  */
diff --git a/package-lock.json b/package-lock.json
index 02736b0ac..46300c137 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,6 +1,6 @@
 {
   "name": "engine.io-client",
-  "version": "4.1.3",
+  "version": "4.1.4",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
diff --git a/package.json b/package.json
index fb43f4d2b..b833f94ec 100644
--- a/package.json
+++ b/package.json
@@ -2,7 +2,7 @@
   "name": "engine.io-client",
   "description": "Client for the realtime Engine",
   "license": "MIT",
-  "version": "4.1.3",
+  "version": "4.1.4",
   "main": "lib/index.js",
   "homepage": "https://github.com/socketio/engine.io-client",
   "contributors": [