diff --git a/CHANGELOG.md b/CHANGELOG.md
index fd1ddd7e0d..1f45377f0b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -33,6 +33,17 @@ const session = await getSessionFromStorage(sessionId, {
 
 The following changes have been implemented but not released yet:
 
+### Bugfix
+
+#### core
+
+- Fix issue using the library with Bun by adding missing `extractable` flag to the DPoP keys so that they can be serialized on the
+  appropriate events. Thanks to @NoelDeMartin for fixing this issue.
+
+#### node
+
+- Sessions built from `Session.fromTokens` now have a correct expiration time triggering refresh in the fetch. Thanks to @NoelDeMartin for fixing this issue.
+
 ## [3.1.1](https://github.com/inrupt/solid-client-authn-js/releases/tag/v3.1.1) - 2025-10-29
 
 ### Bugfix
diff --git a/packages/core/src/authenticatedFetch/dpopUtils.ts b/packages/core/src/authenticatedFetch/dpopUtils.ts
index f3e214d8f2..0ac454c56a 100644
--- a/packages/core/src/authenticatedFetch/dpopUtils.ts
+++ b/packages/core/src/authenticatedFetch/dpopUtils.ts
@@ -71,6 +71,7 @@ export async function createDpopHeader(
 export async function generateDpopKeyPair(): Promise<KeyPair> {
   const { privateKey, publicKey } = await generateKeyPair(
     PREFERRED_SIGNING_ALG[0],
+    { extractable: true },
   );
   const dpopKeyPair = {
     privateKey,