diff --git a/docs/vulnerabilities.md b/docs/vulnerabilities.md
index 844ef855..5aa190f9 100644
--- a/docs/vulnerabilities.md
+++ b/docs/vulnerabilities.md
@@ -1,4 +1,5 @@
 # Known & public vulnerabilities in this project
 
+  * [CVE-2025-66021](https://github.com/OWASP/java-html-sanitizer/security/advisories/GHSA-g9gq-3pfx-2gw2) - 25 Nov. 2025 - Recommend upgrade to v20260102.1 or later.
   * [CVE-2021-42575](cve202142575.md) - 18 Oct. 2021 - Recommend upgrade to v20211018.1 or later.
   * [CVE-2011-4457](cve20114457.md) - 17 Nov. 2011 - Recommend upgrade to r88 or later.