diff --git a/.api-version b/.api-version index ac2f3747d9..e048e60ec1 100644 --- a/.api-version +++ b/.api-version @@ -1 +1 @@ -7.9.1 \ No newline at end of file +7.9.2 \ No newline at end of file diff --git a/modules/ROOT/nav.adoc b/modules/ROOT/nav.adoc index 52efac89ae..e37ba743ac 100644 --- a/modules/ROOT/nav.adoc +++ b/modules/ROOT/nav.adoc @@ -417,6 +417,11 @@ ** xref:tinymce-and-cors.adoc[Cross-Origin Resource Sharing (CORS)] * Release information ** xref:release-notes.adoc[Release notes for {productname}] +*** {productname} 7.9.2 +**** xref:7.9.2-release-notes.adoc#overview[Overview] +**** xref:7.9.2-release-notes.adoc#additions[Additions] +**** xref:7.9.2-release-notes.adoc#deprecated[Deprecated] +**** xref:7.9.2-release-notes.adoc#security-fixes[Security fixes] *** {productname} 7.9.0 **** xref:7.9.0-release-notes.adoc#overview[Overview] **** xref:7.9.0-release-notes.adoc#accompanying-premium-self-hosted-server-side-component-changes[Accompanying Premium self-hosted server-side component changes] diff --git a/modules/ROOT/pages/7.9.2-release-notes.adoc b/modules/ROOT/pages/7.9.2-release-notes.adoc new file mode 100644 index 0000000000..3768f97d07 --- /dev/null +++ b/modules/ROOT/pages/7.9.2-release-notes.adoc 
@@ -0,0 +1,59 @@ += {productname} {release-version} +:release-version: 7.9.2 +:navtitle: {productname} {release-version} +:description: Release notes for {productname} {release-version} +:keywords: releasenotes, new, changes, bugfixes +:page-toclevels: 1 + +include::partial$misc/admon-releasenotes-for-stable.adoc[] + + +[[overview]] +== Overview + +{productname} {release-version} was released for {enterpriseversion} and {cloudname} on Wednesday, February 11^th^, 2026. These release notes provide an overview of the changes for {productname} {release-version}, including: + +* xref:additions[Additions] +* xref:deprecated[Deprecated] +* xref:security-fixes[Security fixes] + + +[[additions]] +== Additions + +{productname} {release-version} also includes the following addition: + +=== Introduced `allow_html_in_comments` option + +Introduced `allow_html_in_comments` option (boolean, default: `true`) to control handling of HTML-like syntax in comment nodes. This option will default to `false` in TinyMCE 8.x. + +For information on the `allow_html_in_comments` option, see: xref:content-filtering.adoc#allow-html-in-comments[allow_html_in_comments]. + + +[[deprecated]] +== Deprecated + +{productname} {release-version} includes the following deprecation: + +=== The default value of `allow_html_in_comments` will change in TinyMCE 8.x + +The default value of `allow_html_in_comments` will change from `true` to `false` in TinyMCE 8.x. + + +[[security-fixes]] +== Security fixes + +{productname} {release-version} includes fixes for the following security issues: + +=== Enhanced content sanitization + +Updated dependencies and parsing logic for enhanced content sanitization. HTML-like content in comments and certain legacy patterns are now sanitized more strictly when `xss_sanitization` is enabled (default). The introduced `allow_html_in_comments` option provides control over comment node sanitization behavior. 
+ +For information on content sanitization, see: xref:security.adoc#sanitizing-html-input-to-protect-against-xss-attacks[Sanitizing HTML input to protect against XSS attacks]. + +[IMPORTANT] +==== +**Migration:** Legacy content using HTML comment wrappers in script or style tags should be updated to use modern syntax without comment wrappers. These comment patterns were primarily used for compatibility with browsers from the 1990s and are not required by modern browsers. + +**Workaround:** To temporarily preserve existing content during migration, set `xss_sanitization: false`, though this is **not recommended** for production environments due to security implications. +==== diff --git a/modules/ROOT/pages/changelog.adoc b/modules/ROOT/pages/changelog.adoc index 0ee564e3c5..d244358e38 100644 --- a/modules/ROOT/pages/changelog.adoc +++ b/modules/ROOT/pages/changelog.adoc @@ -4,6 +4,20 @@ NOTE: This is the {productname} Community version changelog. For information about the latest {cloudname} or {enterpriseversion} Release, see: xref:release-notes.adoc[{productname} Release Notes]. +== xref:7.9.2-release-notes.adoc[7.9.2 - 2026-02-11] + +=== Deprecated + +* The default value of `allow_html_in_comments` will change from `true` to `false` in TinyMCE 8.x. +// #TINY-11900 + +=== Security + +* Updated dependencies and parsing logic for enhanced content sanitization. HTML-like content in comments and certain legacy patterns are now sanitized more strictly when `xss_sanitization` is enabled (default). The introduced `allow_html_in_comments` option provides control over comment node sanitization behavior. +// #TINY-11900 +* Introduced `allow_html_in_comments` option (boolean, default: `true`) to control handling of HTML-like syntax in comment nodes. This option will default to `false` in TinyMCE 8.x. +// #TINY-11900 + == 7.9.1 - 2025-05-29 === Improved 
diff --git a/modules/ROOT/pages/content-filtering.adoc b/modules/ROOT/pages/content-filtering.adoc index 2a5896970a..e0395ed15f 100644 --- a/modules/ROOT/pages/content-filtering.adoc +++ b/modules/ROOT/pages/content-filtering.adoc @@ -7,6 +7,8 @@ include::partial$configuration/allow_conditional_comments.adoc[] include::partial$configuration/allow_html_in_named_anchor.adoc[] +include::partial$configuration/allow_html_in_comments.adoc[] + include::partial$configuration/allow_mathml_annotation_encodings.adoc[] include::partial$configuration/allow_unsafe_link_target.adoc[] diff --git a/modules/ROOT/pages/release-notes.adoc b/modules/ROOT/pages/release-notes.adoc index 62222dbc6a..73f8d64558 100644 --- a/modules/ROOT/pages/release-notes.adoc +++ b/modules/ROOT/pages/release-notes.adoc @@ -9,6 +9,12 @@ This section lists the releases for {productname} 7 and the changes made in each [cols="1,1"] |=== +a| +[.lead] +xref:7.9.2-release-notes.adoc#overview[{productname} 7.9.2] + +Release notes for {productname} 7.9.2 + a| [.lead] xref:7.9.0-release-notes.adoc#overview[{productname} 7.9.0] diff --git a/modules/ROOT/partials/configuration/allow_html_in_comments.adoc b/modules/ROOT/partials/configuration/allow_html_in_comments.adoc new file mode 100644 index 0000000000..c46c91aaff --- /dev/null +++ b/modules/ROOT/partials/configuration/allow_html_in_comments.adoc 
@@ -0,0 +1,25 @@ +[[allow-html-in-comments]] +== `+allow_html_in_comments+` + +This option controls whether HTML-like syntax in comment nodes is allowed during content sanitization. When set to `false`, HTML-like content in comment nodes will be sanitized more strictly. + +*Type:* `+Boolean+` + +*Default value:* `+true+` + +*Possible values:* `+true+`, `+false+` + +[NOTE] +==== +This option will default to `false` in {productname} 8.x. +==== + +=== Example: using `+allow_html_in_comments+` + +[source,js] +---- +tinymce.init({ + selector: 'textarea', // change this value according to your HTML + allow_html_in_comments: false +}); +----
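Review bot: in the new `modules/ROOT/pages/7.9.2-release-notes.adoc`, the Workaround in the `[IMPORTANT]` block reaches for `xss_sanitization: false`, which switches off the whole XSS filter, without saying how the option this same release introduces, `allow_html_in_comments` (default `true`), relates to the legacy `<!-- ... -->` wrappers inside `<script>`/`<style>` that the Migration note is about. Say explicitly whether `allow_html_in_comments: true` already keeps those wrappers, or whether they are stripped regardless of that option; if the former, the workaround should point readers at the narrower option rather than at disabling sanitization, and if the latter, say so in the Security fixes paragraph instead of leaving "provides control over comment node sanitization behavior" to imply it. The "security implications" should also be stated concretely: with `xss_sanitization: false`, content loaded into the editor from untrusted sources is no longer filtered at all. Smaller points in the same hunk: "Updated dependencies and parsing logic" does not name which dependencies were updated or to which versions, and no advisory identifier is linked, which is what a reader triaging exposure needs first; "also includes the following addition" is the first section after the overview, so drop "also"; and "TinyMCE 8.x" is hard-coded three times while the rest of the page uses `{productname}`.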
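Review bot: in the `modules/ROOT/pages/changelog.adoc` hunk, the bullet "Introduced `allow_html_in_comments` option (boolean, default: `true`) ..." sits under `=== Security`, while the release-notes page in this same patch files the identical item under Additions; the changelog has its own headings for new functionality (the 7.9.1 entry directly below uses `=== Improved`), so move that bullet under the heading the project uses for new options and leave only the sanitization change under Security. The remaining Security bullet then no longer needs to repeat "The introduced `allow_html_in_comments` option provides control over comment node sanitization behavior", which currently appears nearly verbatim in two consecutive bullets, both tagged `// #TINY-11900`.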
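Review bot: in `modules/ROOT/pages/content-filtering.adoc`, the new `include::partial$configuration/allow_html_in_comments.adoc[]` is inserted after `allow_html_in_named_anchor.adoc`, but the surrounding includes are in alphabetical order (`allow_conditional_comments`, `allow_html_in_named_anchor`, `allow_mathml_annotation_encodings`, `allow_unsafe_link_target`) and `allow_html_in_comments` sorts before `allow_html_in_named_anchor`; move the include up one slot so the rendered options page keeps its ordering.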
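Review bot: the new partial `modules/ROOT/partials/configuration/allow_html_in_comments.adoc` says that with `false` comment content "will be sanitized more strictly" but never states what that means for a comment that contains markup (for example `<!-- <img src=x onerror=alert(1)> -->`): is the whole comment dropped, is the inner markup escaped, or is it kept as text? State the concrete behaviour, and add the qualifier the release notes carry but the partial omits, namely that the option only has an effect while `xss_sanitization` is enabled. The `[NOTE]` announcing the `false` default in {productname} 8.x would be more useful with one sentence recommending that integrators set `allow_html_in_comments: false` now (as the example already does) to surface any content that depends on HTML inside comments before the default flips, plus the same `xref:security.adoc#sanitizing-html-input-to-protect-against-xss-attacks[...]` cross-reference the release notes page uses.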