diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3584cb1836..75c4162a48 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,14 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [2.48.4] - 2025-01-17
+### Fixed
+- Fixes from version 2.46.2, 2.46.3, 2.46.4, and 2.46.5
+
+## [2.46.5] - 2025-01-17
+### Fixed
+- Removed the API token error log message that was being printed when the API token was invalid.
+
 ## [3.6.0] - 2024-12-05
 ### Added
 - Extension point for contributor row in contributor table
@@ -1636,10 +1644,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 [2.46.2]: https://scm-manager.org/download/2.46.2
 [2.46.3]: https://scm-manager.org/download/2.46.3
 [2.46.4]: https://scm-manager.org/download/2.46.4
+[2.46.5]: https://scm-manager.org/download/2.46.5
 [2.47.0]: https://scm-manager.org/download/2.47.0
 [2.48.0]: https://scm-manager.org/download/2.48.0
 [2.48.1]: https://scm-manager.org/download/2.48.1
 [2.48.2]: https://scm-manager.org/download/2.48.2
+[2.48.3]: https://scm-manager.org/download/2.48.3
+[2.48.4]: https://scm-manager.org/download/2.48.4
 [3.0.0]: https://scm-manager.org/download/3.0.0
 [3.0.1]: https://scm-manager.org/download/3.0.1
 [3.0.2]: https://scm-manager.org/download/3.0.2
diff --git a/scm-dao-xml/src/main/java/sonia/scm/repository/xml/XmlRepositoryDAO.java b/scm-dao-xml/src/main/java/sonia/scm/repository/xml/XmlRepositoryDAO.java
index d3487bd688..e69f024b91 100644
--- a/scm-dao-xml/src/main/java/sonia/scm/repository/xml/XmlRepositoryDAO.java
+++ b/scm-dao-xml/src/main/java/sonia/scm/repository/xml/XmlRepositoryDAO.java
@@ -16,13 +16,10 @@
 
 package sonia.scm.repository.xml;
 
-
 import com.google.common.collect.ImmutableList;
 import com.google.inject.Singleton;
 import jakarta.inject.Inject;
 import lombok.extern.slf4j.Slf4j;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 import sonia.scm.io.FileSystem;
 import sonia.scm.repository.InternalRepositoryException;
 import sonia.scm.repository.NamespaceAndName;
@@ -37,7 +34,6 @@ import sonia.scm.store.StoreReadOnlyException;
 import java.io.IOException;
 import java.nio.file.Path;
 import java.util.Collection;
-import java.util.Comparator;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.TreeMap;
@@ -45,8 +41,6 @@ import java.util.concurrent.locks.Lock;
 import java.util.concurrent.locks.ReadWriteLock;
 import java.util.concurrent.locks.ReentrantReadWriteLock;
 import java.util.function.Supplier;
-import java.util.stream.Collectors;
-
 
 @Singleton
 @Slf4j
@@ -62,9 +56,6 @@ public class XmlRepositoryDAO implements RepositoryDAO {
   private final Map<NamespaceAndName, Repository> byNamespaceAndName;
   private final ReadWriteLock byNamespaceLock = new ReentrantReadWriteLock();
 
-  private static final Logger LOG = LoggerFactory.getLogger(XmlRepositoryDAO.class);
-
-
   @Inject
   public XmlRepositoryDAO(PathBasedRepositoryLocationResolver repositoryLocationResolver, FileSystem fileSystem, RepositoryExportingCheck repositoryExportingCheck) {
     this.repositoryLocationResolver = repositoryLocationResolver;
@@ -99,10 +90,10 @@ public class XmlRepositoryDAO implements RepositoryDAO {
       pathRepositoryLocationResolverInstance.forAllLocations((repositoryId, repositoryPath) -> {
         try {
           Repository repository = metadataStore.read(repositoryPath);
-        if (byNamespaceAndName.containsKey(repository.getNamespaceAndName())) {
-          LOG.warn("Duplicate repository found. Adding suffix DUPLICATE to repository {}", repository);
-          repository.setName(repository.getName() + "-" + repositoryId + "-DUPLICATE");
-        }
+          if (byNamespaceAndName.containsKey(repository.getNamespaceAndName())) {
+            log.warn("Duplicate repository found. Adding suffix DUPLICATE to repository {}", repository);
+            repository.setName(repository.getName() + "-" + repositoryId + "-DUPLICATE");
+          }
           byNamespaceAndName.put(repository.getNamespaceAndName(), repository);
           byId.put(repositoryId, repository);
         } catch (InternalRepositoryException e) {
diff --git a/scm-webapp/src/main/java/sonia/scm/security/ApiKeyTokenHandler.java b/scm-webapp/src/main/java/sonia/scm/security/ApiKeyTokenHandler.java
index 6a432fa1c8..dc5d0dd369 100644
--- a/scm-webapp/src/main/java/sonia/scm/security/ApiKeyTokenHandler.java
+++ b/scm-webapp/src/main/java/sonia/scm/security/ApiKeyTokenHandler.java
@@ -56,9 +56,7 @@ class ApiKeyTokenHandler {
       return of(OBJECT_MAPPER.readValue(decoder.decode(token), Token.class));
     } catch (IOException | DecodingException e) {
       LOG.debug("failed to read api token, perhaps it is a jwt token or a normal password");
-      if (LOG.isTraceEnabled()) {
-        LOG.trace("failed to parse token", e);
-      }
+      // do not print the exception here, because it could reveal password details
       return empty();
     }
   }