From bdf95928031b7706120b5b08f75c1f10eac4eb8c Mon Sep 17 00:00:00 2001 From: Jin Cheng Date: Thu, 11 Dec 2025 14:10:54 +0800 Subject: [PATCH] docs: update vulnerabilities guide to mention CVE-2025-66409 --- docs/en/security/vulnerabilities.rst | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/docs/en/security/vulnerabilities.rst b/docs/en/security/vulnerabilities.rst index 2935eff91c..320d135d5a 100644 --- a/docs/en/security/vulnerabilities.rst +++ b/docs/en/security/vulnerabilities.rst @@ -10,6 +10,17 @@ This page briefly lists all of the vulnerabilities that are discovered and fixed CVE-2025 -------- +CVE-2025-66409 +~~~~~~~~~~~~~~ + +Out-of-Bounds Read in ESP32 Bluetooth AVRCP Command Handling + +* Espressif Advisory: NA (Published on GitHub) +* Impact: Applicable for ESP-IDF +* Resolution: Please see advisory for details +* Advisory pointer: `GHSA-qhf9-vr2h-jh96`_ + + CVE-2025-65092 ~~~~~~~~~~~~~~ @@ -245,3 +256,4 @@ Security Advisory Concerning Wi-Fi Authentication Bypass .. _`GHSA-9w88-r2vm-qfc4` : https://github.com/espressif/esp-idf/security/advisories/GHSA-9w88-r2vm-qfc4 .. _`GHSA-8mg7-9qpg-p92v` : https://github.com/espressif/esp-idf/security/advisories/GHSA-8mg7-9qpg-p92v .. _`GHSA-vcw6-jc3p-4gj8` : https://github.com/espressif/esp-idf/security/advisories/GHSA-vcw6-jc3p-4gj8 +.. _`GHSA-qhf9-vr2h-jh96` : https://github.com/espressif/esp-idf/security/advisories/GHSA-qhf9-vr2h-jh96
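Review bot: in the first hunk (the new CVE-2025-66409 entry), the bullets "Impact: Applicable for ESP-IDF" and "Resolution: Please see advisory for details" give a reader nothing to triage with on this page. The title already narrows the issue to ESP32 Bluetooth AVRCP command handling, so the Impact bullet could say the same and, if the advisory lists them, name the affected and fixed release branches. The hunk also adds two blank lines before the CVE-2025-65092 heading; if the other entries in the file are separated by a single blank line, drop one to match.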
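Review bot: in the second hunk (the link target appended at line 259 of the new file), the target name matches the `GHSA-qhf9-vr2h-jh96`_ reference added in the first hunk and follows the "`name` : url" spacing of the three context lines above it, so the reference should resolve. Please confirm with a docs build that no unknown-target or duplicate-target warning is emitted. Since this file is under docs/en, also check whether a translated copy of vulnerabilities.rst exists that needs the same entry and target.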