diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1edda7aab..fbe151592 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -51,6 +51,7 @@ Status: unreleased.
 - **BREAKING:** Gateway auth mode "none" is removed; gateway now requires token/password (Tailscale Serve identity still allowed).
 
 ### Fixes
+- Security: pin npm overrides to keep tar@7.5.4 for install toolchains.
 - BlueBubbles: coalesce inbound URL link preview messages. (#1981) Thanks @tyler6204.
 - Agents: include memory.md when bootstrapping memory context. (#2318) Thanks @czekaj.
 - Telegram: wrap reasoning italics per line to avoid raw underscores. (#2181) Thanks @YuriNachos.
diff --git a/package.json b/package.json
index 0c63d5d69..1299d72d5 100644
--- a/package.json
+++ b/package.json
@@ -237,6 +237,9 @@
     "vitest": "^4.0.18",
     "wireit": "^0.14.12"
   },
+  "overrides": {
+    "tar": "7.5.4"
+  },
   "pnpm": {
     "minimumReleaseAge": 2880,
     "overrides": {