diff --git a/doc/security/vulnerabilities.rst b/doc/security/vulnerabilities.rst index 6bdf011f9dc..da3b353d989 100644 --- a/doc/security/vulnerabilities.rst +++ b/doc/security/vulnerabilities.rst @@ -1794,3 +1794,22 @@ Under embargo until 2024-11-22 ----------------- Under embargo until 2025-01-23 + +:cve:`2024-11263` +----------------- + +arch: riscv: userspace: potential security risk when CONFIG_RISCV_GP=y + +A rogue thread can corrupt the gp reg and cause the entire system to hard fault at best, at worst, +it can potentially trick the system to access another set of random global symbols. + +- `Zephyr project bug tracker GHSA-jjf3-7x72-pqm9 + `_ + +This has been fixed in main for v4.0.0 + +- `PR 81155 fix for main + `_ + +- `PR 81370 fix for 3.7 + `_
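Review bot: The description paragraph of the new :cve:`2024-11263` entry is a run-on ("hard fault at best, at worst, it can potentially trick the system") and uses the shorthand "gp reg", which readers of a vulnerability list may not recognise. Suggest something like "A rogue thread can corrupt the gp (global pointer) register. At best this causes the entire system to hard fault; at worst it can trick the system into accessing another set of random global symbols." The sentence "This has been fixed in main for v4.0.0" has no full stop and mentions only main, while the list under it also carries "PR 81370 fix for 3.7"; consider naming the 3.7 fix in that sentence as well so the fixed branches are stated in prose and not only in the link text. Also confirm that each of the three link entries (the GHSA-jjf3-7x72-pqm9 advisory, PR 81155, PR 81370) has its target URL before the closing `_`, since none is visible in the lines as shown here, and that the heading underline matches the length of the :cve:`2024-11263` title as the earlier entries do.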