Release notes for v1.16.5

Signed-off-by: Richard Wall <[email protected]>

Author: wallrj

content/docs/releases/release-notes/release-notes-1.16.md

@@ -223,6 +223,18 @@ Thanks also to the CNCF, which provides resources and support, and to the AWS op
 
 In addition, massive thanks to Venafi for contributing developer time and resources towards the continued maintenance of cert-manager projects.
 
+## `v1.16.5`
+
+This patch release addresses several vulnerabilities reported by the Trivy security scanner. It is built with the latest version of Go 1.23 and includes various dependency updates. Changes since `v1.16.4`:
+
+### Bug or Regression
+
+- Bump Go to `v1.23.8` to fix `CVE-2025-22871` ([#7706](https://github.com/cert-manager/cert-manager/pull/7706), [`@wallrj`](https://github.com/wallrj))
+- Bump `github.com/golang-jwt/jwt/v5` to `v5.2.2` to fix `CVE-2025-30204` ([#7708](https://github.com/cert-manager/cert-manager/pull/7708), [`@wallrj`](https://github.com/wallrj))
+- Bump `golang.org/x/net` to fix `CVE-2025-22872` ([#7707](https://github.com/cert-manager/cert-manager/pull/7707), [`@wallrj`](https://github.com/wallrj))
+- Bump `go-jose` dependency to address `CVE-2025-27144` ([#7602](https://github.com/cert-manager/cert-manager/pull/7602), [`@SgtCoDFish`](https://github.com/SgtCoDFish))
+- Bump `golang.org/x/net` to address `CVE-2025-22870` reported by Trivy ([#7623](https://github.com/cert-manager/cert-manager/pull/7623), [`@SgtCoDFish`](https://github.com/SgtCoDFish))
+
 ## `v1.16.4`
 
 This patch release is primarily intended to address a [breaking change](https://github.com/cert-manager/cert-manager/issues/7540) in Cloudflare's API which impacted ACME DNS-01 challenges using Cloudflare.