From d83df5d9ea85656f8d9598d6480025650ca546a4 Mon Sep 17 00:00:00 2001
From: Kapil Gupta <kapil.gupta@espressif.com>
Date: Wed, 4 Feb 2026 12:23:06 +0530
Subject: [PATCH] docs: update vulnerabilities guide to mention CVE-2026-25532

---
 docs/en/security/vulnerabilities.rst | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/docs/en/security/vulnerabilities.rst b/docs/en/security/vulnerabilities.rst
index f022e1579f..c44b44d97b 100644
--- a/docs/en/security/vulnerabilities.rst
+++ b/docs/en/security/vulnerabilities.rst
@@ -7,6 +7,20 @@ This page briefly lists all of the vulnerabilities that are discovered and fixed
 .. note::
    Please refer to ``latest`` version of this documentation guide for up-to-date information.
 
+CVE-2026
+--------
+
+CVE-2026-25532
+~~~~~~~~~~~~~~
+
+WPS Enrollee Fragment Integer Underflow Vulnerability
+
+* Espressif Advisory: NA (Published on GitHub)
+* Impact: Applicable for ESP-IDF
+* Resolution: Please see advisory for details
+* Advisory pointer: `GHSA-m2h2-683f-9mw7`_
+
+
 CVE-2025
 --------
 
@@ -281,3 +295,4 @@ Security Advisory Concerning Wi-Fi Authentication Bypass
 .. _`GHSA-qhf9-vr2h-jh96` : https://github.com/espressif/esp-idf/security/advisories/GHSA-qhf9-vr2h-jh96
 .. _`GHSA-hmjj-rjvv-w8pq` : https://github.com/espressif/esp-idf/security/advisories/GHSA-hmjj-rjvv-w8pq
 .. _`GHSA-43gh-7r4f-qp57` : https://github.com/espressif/esp-idf/security/advisories/GHSA-43gh-7r4f-qp57
+.. _`GHSA-m2h2-683f-9mw7` : https://github.com/espressif/esp-idf/security/advisories/GHSA-m2h2-683f-9mw7