diff --git a/CHANGES.rst b/CHANGES.rst
index 6034c8e6f3..b85f2fa290 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -10,7 +10,11 @@ https://zope.readthedocs.io/en/2.13/CHANGES.html
 4.8.9 (unreleased)
 ------------------
-- Update ``RestrictedPython`` to 5.4 to mitigate a security issue.
+- Update ``RestrictedPython`` to version 5.4 to mitigate a security issue.
+ (CVE-2023-41039)
+
+- Update ``AccessControl`` to version 4.4 to mitigate a security problem.
+ (CVE-2023-41050)
 4.8.8 (2023-06-20)
diff --git a/constraints.txt b/constraints.txt
index 8ea0bbf227..dd158516ec 100644
--- a/constraints.txt
+++ b/constraints.txt
@@ -1,4 +1,4 @@
-AccessControl==4.3
+AccessControl==4.4
 Acquisition==4.13
 AuthEncoding==4.3
 BTrees==4.11.3
diff --git a/requirements-full.txt b/requirements-full.txt
index ee429a42f9..f432394c07 100644
--- a/requirements-full.txt
+++ b/requirements-full.txt
@@ -1,5 +1,5 @@
 Zope==<5
-AccessControl==4.3
+AccessControl==4.4
 Acquisition==4.13
 AuthEncoding==4.3
 BTrees==4.11.3
diff --git a/versions-prod.cfg b/versions-prod.cfg
index 74d51d4391..fc2c90a7b1 100644
--- a/versions-prod.cfg
+++ b/versions-prod.cfg
@@ -5,7 +5,7 @@ Zope = < 5
 Zope2 = 4.0
 # AccessControl 5+ no longer supports Zope 4.
-AccessControl = 4.3
+AccessControl = 4.4
 Acquisition = 4.13
 AuthEncoding = 4.3
 BTrees = 4.11.3