diff --git a/docs/release-notes-mtr/master.adoc b/docs/release-notes-mtr/master.adoc index 4cea838..eda6229 100644 --- a/docs/release-notes-mtr/master.adoc +++ b/docs/release-notes-mtr/master.adoc @@ -20,6 +20,16 @@ include::topics/snippet-mtr-end-of-life.adoc[] These release notes cover all Z-stream releases of {ProductShortName} 1.2 with the most recent release listed first. +== {ProductShortName} 1.2.7 + +include::topics/mtr-rn-known-issues-1-2-7.adoc[leveloffset=+2] +include::topics/mtr-rn-resolved-issues-1-2-7.adoc[leveloffset=+2] + +== {ProductShortName} 1.2.6 + +include::topics/mtr-rn-known-issues-1-2-6.adoc[leveloffset=+2] +include::topics/mtr-rn-resolved-issues-1-2-6.adoc[leveloffset=+2] + == {ProductShortName} 1.2.5 include::topics/mtr-rn-new-features-1-2-5.adoc[leveloffset=+2] include::topics/mtr-rn-known-issues-1-2-5.adoc[leveloffset=+2] diff --git a/docs/topics/mtr-rn-known-issues-1-2-6.adoc b/docs/topics/mtr-rn-known-issues-1-2-6.adoc new file mode 100644 index 0000000..06b87a1 --- /dev/null +++ b/docs/topics/mtr-rn-known-issues-1-2-6.adoc @@ -0,0 +1,19 @@ +// Module included in the following assemblies: +// +// * docs/release-notes-mtr/master.adoc + +:_content-type: REFERENCE +[id="mtr-rn-known-issues-1-2-6_{context}"] + += Known issues + +The following known issues are in the {ProductShortName} 1.2.6 release: + +.Unable to migrate an application to {ProductShortName} due to a `SEVERE [org.jboss.windup.web.services.messaging.PackageDiscoveryMDB]` error + +When uploading files for analysis, the server log would return a `SEVERE [org.jboss.windup.web.services.messaging.PackageDiscoveryMDB]` error. This error is caused by a `null: java.lang.NullPointerException`. link:https://issues.redhat.com/browse/WINDUP-4189[(WINDUP-4189)] + + +For a complete list of all known issues, see the list of link:https://issues.redhat.com/issues/?filter=12436484[MTR 1.2.6 known issues] in Jira. + + 
diff --git a/docs/topics/mtr-rn-known-issues-1-2-7.adoc b/docs/topics/mtr-rn-known-issues-1-2-7.adoc new file mode 100644 index 0000000..b446c0a --- /dev/null +++ b/docs/topics/mtr-rn-known-issues-1-2-7.adoc @@ -0,0 +1,21 @@ +// Module included in the following assemblies: +// +// * docs/release-notes-mtr/master.adoc + +:_content-type: REFERENCE +[id="mtr-rn-known-issues-1-2-7_{context}"] + += Known issues + +The following known issues are in the {ProductShortName} 1.2.7 release: + +//// +.Unable to migrate an application to {ProductShortName} due to a `SEVERE [org.jboss.windup.web.services.messaging.PackageDiscoveryMDB]` error + +When uploading files for analysis, the server log would return a `SEVERE [org.jboss.windup.web.services.messaging.PackageDiscoveryMDB]` error. This error is caused by a `null: java.lang.NullPointerException`. link:https://issues.redhat.com/browse/WINDUP-4189[(WINDUP-4189)] +//// + +// filter == project in (WINDUP, WINDUPRULE) AND type = Bug AND createdDate >= 2021-01-01 AND createdDate <= 2024-09-12 AND (resolutiondate > 2024-09-12 OR resolutiondate is EMPTY) AND Priority in (Blocker, Critical, Major) ORDER BY created DESC, priority DESC, key DESC +For a complete list of all known issues, see the list of link:https://issues.redhat.com/issues/?filter=12441308[MTR 1.2.7 known issues] in Jira. + + diff --git a/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc b/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc new file mode 100644 index 0000000..6ab3f0e --- /dev/null +++ b/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc 
@@ -0,0 +1,73 @@ +// Module included in the following assemblies: +// +// * docs/release-notes-mtr/mtr_release_notes-1.2/master.adoc + +:_content-type: REFERENCE +[id="mtr-rn-resolved-issues-1-2-6_{context}"] += Resolved issues + +{ProductShortName} 1.2.6 has the following resolved issues: + +.CVE-2024-1132: `org.keycloak-keycloak-parent`: keycloak path transversal in redirection validation + +A flaw was discovered in Keycloak, where it does not properly validate URLs included in a redirect. This flaw could allow an attacker to construct a malicious request to bypass validation, access other URLs and sensitive information within the domain, or conduct further attacks. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. + +For more details, see link:https://access.redhat.com/security/cve/CVE-2024-1132[(CVE-2024-1132)]. + +.CVE-2023-45857: Axios 1.5 exposes confidential data stored in cookies + +A flaw was discovered in Axios 1.5.1 that accidentally revealed the confidential `XSRF-TOKEN`, stored in cookies, by including it in the HTTP header `X-XSRF-TOKEN` for every request made to any host, thereby allowing attackers to view sensitive information. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. + +For more details, see link:https://access.redhat.com/security/cve/CVE-2023-45857[(CVE-2023-45857)]. + + +.CVE-2024-28849: `follow-redirects` package clears authorization headers + +A flaw was discovered in the `follow-redirects` package, which clears authorization headers, but it fails to clear the `proxy-authentication` headers. This flaw could lead to credential leakage, which could have a high impact on data confidentiality. +Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. 
+ +For more details, see link:https://access.redhat.com/security/cve/CVE-2024-28849[(CVE-2024-28849)] + +.CVE-2024-29131: Out-of-bounds Write vulnerability in Apache Commons Configuration + +A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error can occur when adding a property in the `AbstractListDelimiterHandler.flattenIterator()` method. This issue could allow an attacker to corrupt memory or execute a denial of service (DoS) attack by crafting a malicious property that triggers an out-of-bounds write issue when processed by the vulnerable method. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. + +For more details, see link:https://access.redhat.com/security/cve/CVE-2024-29131[(CVE-2024-29131)] + +.CVE-2024-29133: Out-of-bounds Write vulnerability in Apache Commons Configuration + +A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error occurs when calling the `ListDelimiterHandler.flatten(Object, int)` method with a cyclical object tree. This issue could allow an attacker to trigger an out-of-bounds write that could lead to memory corruption or cause a denial of service (DoS) attach. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. + +For more details, see link:https://access.redhat.com/security/cve/CVE-2024-29133[(CVE-2024-29133)] + +.CVE-2024-29180: `webpack-dev-middleware` lack of URL validation may lead to a file leak + +A flaw was found in the `webpack-dev-middleware` package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer's machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. 
+ +For more details, see link:https://access.redhat.com/security/cve/CVE-2024-29180[(CVE-2024-29180)] + +.CVE-2023-4639: `org.keycloak-keycloak-parent` undertow Cookie Smuggling and Spoofing + +A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This vulnerability has the potential to enable an attacker to construct a cookie value to intercept `HttpOnly` cookie values or spoof arbitrary additional cookie values, resulting in unauthorized data access or modification. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. + +For more details, see link:https://access.redhat.com/security/cve/CVE-2023-4639[(CVE-2023-4639)]. + +.CVE-2023-36479: `com.google.guava-guava-parent` improper addition of quotation marks to user inputs in Jetty CGI Servlet + +A flaw was found in Jetty's `org.eclipse.jetty.servlets.CGI` Servlet, which permits incorrect command execution in specific circumstances, such as requests with certain characters in requested filenames. This issue could allow an attacker to run permitted commands besides the ones requested. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. + +For more details, see link:https://access.redhat.com/security/cve/CVE-2023-36479[(CVE-2023-36479)]. + +.CVE-2023-26364: `css-tools` improper input validation causes denial of service + +A flaw was found in `@adobe/css-tools`, which could potentially lead to a minor denial of service (DoS) when parsing CSS. User interaction and privileges are not required to jeopardize an environment. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. + +For more details, see link:https://access.redhat.com/security/cve/CVE-2023-26364[(CVE-2023-26364)]. 
+ +.CVE-2023-48631: `css-tools`: regular expression denial of service + +A flaw was found in `@adobe/css-tools`, which could lead to a regular expression denial of service (ReDoS) when attempting to parse CSS. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. + +For more details, see link:https://access.redhat.com/security/cve/CVE-2023-48631[(CVE-2023-48631)]. + +For a complete list of all issues resolved in this release, see the list of link:https://issues.redhat.com/issues/?filter=12435317[MTR 1.2.6 resolved issues] in Jira. diff --git a/docs/topics/mtr-rn-resolved-issues-1-2-7.adoc b/docs/topics/mtr-rn-resolved-issues-1-2-7.adoc new file mode 100644 index 0000000..a38ad78 --- /dev/null +++ b/docs/topics/mtr-rn-resolved-issues-1-2-7.adoc 
@@ -0,0 +1,31 @@ +// Module included in the following assemblies: +// +// * docs/release-notes-mtr/mtr_release_notes-1.2/master.adoc + +:_content-type: REFERENCE +[id="mtr-rn-resolved-issues-1-2-7_{context}"] += Resolved issues + +{ProductShortName} 1.2.7 has the following resolved issues: + +.MTR 1.2.0 fails with the Exception `java.lang.ClassNotFoundException:org.eclipse.text.edits.MalformedTreeException` + +In earlier versions of {ProductShortName} 1.2.z, when migrating an Application from JBoss Enterprise Application Platform (EAP) 7 to EAP 8, there could be a failure with the following `java.lang.ClassNotFoundException`: + +[source,java] +---- +java.lang.ClassNotFoundException: org.eclipse.text.edits.MalformedTreeException from [Module "org.jboss.windup.ast.windup-java-ast:6.3.1.Final-redhat-00002_67e96e90-d3bc-44fe-8fc8-ac2abdeacc58" from AddonModuleLoader] +---- + +This issue has been resolved in {ProductShortName} 1.2.7. link:https://issues.redhat.com/browse/WINDUP-4200[(WINDUP-4200)] + +.CVE-2022-36033: `org.jsoup/jsoup`: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled + +A flaw was discovered in `jsoup`, which is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. + +An issue in `jsoup` could incorrectly sanitize HTML, including javascript: URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default SafeList.preserveRelativeLinks option is enabled, HTML, including javascript: URLs crafted with control characters, will not be sanitized. Users are recommended to upgrade to {ProductShortName} 1.2.7, which resolves this issue. + +For more details, see link:https://access.redhat.com/security/cve/cve-2022-36033[(2022-36033)]. + + +For a complete list of all issues resolved in this release, see the list of link:https://issues.redhat.com/issues/?filter=12441309[MTR 1.2.7 resolved issues] in Jira.
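Review bot: the new `== {ProductShortName} 1.2.7` and `== {ProductShortName} 1.2.6` sections in the master.adoc hunk include only the known-issues and resolved-issues modules, while the 1.2.5 section directly below them also includes `topics/mtr-rn-new-features-1-2-5.adoc[leveloffset=+2]`. If these two Z-stream releases deliberately ship no new features that is fine, but confirm it rather than leaving a silent gap in the assembly, since a reader comparing the sections will assume a module was forgotten.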
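Review bot: in the mtr-rn-known-issues-1-2-6.adoc hunk the description of WINDUP-4189 is written in the past tense ("the server log would return a `SEVERE ... PackageDiscoveryMDB` error") although it is being listed as a still-open known issue in 1.2.6; "returns" states the current behaviour. The file also ends with two blank lines after the Jira link, which the other new modules do not have.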
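Review bot: in the mtr-rn-known-issues-1-2-7.adoc hunk the only entry (WINDUP-4189) is wrapped in a `////` comment block, so the rendered page will read "The following known issues are in the {ProductShortName} 1.2.7 release:" followed directly by the Jira link and no issues. Either the bug is still open in 1.2.7 and the block should be uncommented, or it was fixed in 1.2.7 and belongs in mtr-rn-resolved-issues-1-2-7.adoc, in which case the intro sentence should say that no new known issues are listed for this release. Keeping the `// filter ==` JQL comment that records how the Jira filter was built is helpful; consider adding the same comment to the 1.2.6 module for consistency.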
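Review bot: the assembly comment at the top of the mtr-rn-resolved-issues-1-2-6.adoc hunk points at `docs/release-notes-mtr/mtr_release_notes-1.2/master.adoc`, but the assembly that actually includes this module in this same patch is `docs/release-notes-mtr/master.adoc`, which is also the path the two known-issues modules record; fix the path so the comment is usable. Several wording and formatting points in the same hunk: the CVE-2024-1132 title says "path transversal" where the body describes path traversal; the CVE-2024-29133 entry ends with "denial of service (DoS) attach" instead of "attack"; the "For more details" links for CVE-2024-28849, CVE-2024-29131, CVE-2024-29133 and CVE-2024-29180 lack the closing period the other entries have; and the "Users are recommended to upgrade..." sentence for CVE-2024-28849 is broken onto its own line unlike every other entry. Finally, the CVE-2023-36479 heading labels the component as `com.google.guava-guava-parent` while the body describes a flaw in Jetty's `org.eclipse.jetty.servlets.CGI` servlet; check the component name against the advisory before this ships.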
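Review bot: the WINDUP-4200 title in the mtr-rn-resolved-issues-1-2-7.adoc hunk hard-codes "MTR 1.2.0" while the body says "In earlier versions of {ProductShortName} 1.2.z", so the title and body disagree on which versions are affected and the title bypasses the product attribute used everywhere else; use `{ProductShortName}` and state the affected versions consistently. Also in that entry: the title drops the space in `java.lang.ClassNotFoundException:org.eclipse.text.edits.MalformedTreeException` that the code block below it has, "migrating an Application" should not capitalise "application", and the `[source,java]` block holds a log line rather than Java source, so `[source,text]` fits better. In the CVE-2022-36033 entry the final link reads `[(2022-36033)]` without the `CVE-` prefix and uses a lowercase `cve-2022-36033` URL path, unlike every other CVE link in the patch, and `SafeList.preserveRelativeLinks` is not set in backticks as the other identifiers are. The assembly comment has the same wrong `mtr_release_notes-1.2/master.adoc` path noted for the 1.2.6 module.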