diff --git a/ChangeLog.txt b/ChangeLog.txt
index eef61746..93f8503c 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -2,6 +2,8 @@ Security:
 - CVE-2023-28366: Fix memory leak in broker when clients send multiple QoS 2 messages with the same message ID, but then never respond to the PUBREC commands.
+- CVE-xxxx-xxxxx: Fix memory leak when clients send v5 CONNECT packets with a
+ will message that contains invalid property types.
 - Broker will now reject Will messages that attempt to publish to $CONTROL/.
 - Broker now validates usernames provided in a TLS certificate or TLS-PSK identity are valid UTF-8.
diff --git a/src/property_broker.c b/src/property_broker.c
index e829b300..a0c856a9 100644
--- a/src/property_broker.c
+++ b/src/property_broker.c
@@ -103,6 +103,7 @@ int property__process_will(struct mosquitto *context, struct mosquitto_message_a
 break;
 default:
+ msg->properties = msg_properties;
 return MOSQ_ERR_PROTOCOL;
 break;
 }
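Review bot: The added `msg->properties = msg_properties;` in the `default:` branch of the `src/property_broker.c` hunk fixes the leak only if every caller releases `msg->properties` when `property__process_will()` returns `MOSQ_ERR_PROTOCOL`, and nothing in the hunk states that contract. The ChangeLog entry says this branch is reached from a client's v5 CONNECT, so I would document the hand-off at the assignment, e.g. `/* Hand the properties collected so far to msg so the caller's will cleanup frees them. */`, and confirm that the caller's error path frees the will message. The function body and its callers are outside the hunk, so whether other early returns need the same treatment cannot be judged from here. The `break;` after the `return` is unreachable and could be dropped.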