diff --git a/DSE_6.8_Release_Notes.md b/DSE_6.8_Release_Notes.md
index 42a7ad9..03d3fb7 100644
--- a/DSE_6.8_Release_Notes.md
+++ b/DSE_6.8_Release_Notes.md
@@ -28,6 +28,8 @@ If you're developing applications, please refer to the [Java Driver documentatio
 * Fixed a timeout issue for SAI and range queries. This fix prevents draining nodes from replying to echo messages and stops these nodes from executing faulty requests. (DSP-24792)
 * Fixed an issue where incremental repairs failed during compaction. (DSP-24922)
 
+## 6.8.60 DSE CVE
+* Upgraded Netty to version `4.1.127.1.dse`, which is based on version `4.1.127.Final`. (DSP-24941, DSP-24942, [CVE-2505-55163](https://nvd.nist.gov/vuln/detail/CVE-2505-55163), [CVE-2025-58506](https://nvd.nist.gov/vuln/detail/CVE-2025-58056))
 
 # Release notes for 6.8.59
 26 June 2025
diff --git a/DSE_6.9_Release_Notes.md b/DSE_6.9_Release_Notes.md
index ad810ec..6a7e05b 100644
--- a/DSE_6.9_Release_Notes.md
+++ b/DSE_6.9_Release_Notes.md
@@ -24,6 +24,10 @@ If you're developing applications, please refer to the [Java Driver documentatio
 ## 6.9.14 DSE Cassandra
 * Fixed an issue where SSTables with implicitly frozen UDTs, including those with dropped columns, became unreadable during upgrades. (DSP-24600)
 
+## 6.9.14 DSE CVE
+* Upgraded Netty to version `4.1.127.1.dse`, which is based on version `4.1.127.Final`. (DSP-24941, DSP-24942, [CVE-2505-55163](https://nvd.nist.gov/vuln/detail/CVE-2505-55163), [CVE-2025-58506](https://nvd.nist.gov/vuln/detail/CVE-2025-58056))
+* Upgraded Management API component to pick up version 3.18.0 of Apache commons-lang2. (DSP-24941, [CVE-2025-48924](https://nvd.nist.gov/vuln/detail/CVE-2025-48924))
+
 # Release notes for 6.9.13
 11 August 2025