Add security content note for Docker Desktop 4.62.0 release (#24236)

<!--Delete sections as needed -->

## Description

<!-- Tell us what you did and why -->

As per title, add security note. Once approved, the CVE details will be
published.

## Related issues or tickets

<!-- Related issues, pull requests, or Jira tickets -->

## Reviews

<!-- Notes for reviewers here -->
<!-- List applicable reviews (optionally @tag reviewers) -->

- [ ] Technical review
- [ ] Editorial review
- [ ] Product review

---------

Co-authored-by: Allie Sadler <102604716+aevesdocker@users.noreply.github.com>

Author: quentin-laplanche

content/manuals/desktop/release-notes.md

@@ -57,6 +57,7 @@ For more frequently asked questions, see the [FAQs](/manuals/desktop/troubleshoo
 ### Security
 
 - Addressed [CVE-2026-2664](https://www.cve.org/cverecord?id=CVE-2026-2664), out of bounds read in grpcfuse kernel module.
+- Addressed [CVE-2026-28400](https://www.cve.org/cverecord?id=CVE-2026-28400), runtime flag injection in Docker Model Runner.
 
 ## 4.61.0
 

content/manuals/security/security-announcements.md

@@ -12,6 +12,12 @@ toc_max: 2
 
 [Subscribe to security RSS feed](/security/security-announcements/index.xml)
 
+## Docker Desktop 4.62.0 security update: CVE-2026-28400
+
+A vulnerability in Docker Desktop was fixed on February 23 in the [4.62.0](/manuals/desktop/release-notes.md#4620) release:
+
+- Addressed [CVE-2026-28400](https://www.cve.org/cverecord?id=CVE-2026-28400), runtime flag injection in Docker Model Runner.
+
 ## Docker Desktop 4.62.0 security update: CVE-2026-2664
 
 A vulnerability in Docker Desktop was fixed on February 23 in the [4.62.0](/manuals/desktop/release-notes.md#4620) release: