diff --git a/docs/admin_docs/security/cves.mdx b/docs/admin_docs/security/cves.mdx index 10db1d1aacf..a8c2cbb95c2 100644 --- a/docs/admin_docs/security/cves.mdx +++ b/docs/admin_docs/security/cves.mdx @@ -2,6 +2,15 @@ title: CVEs fixed by release sidebar_position: 2 --- +#### Version 6.0.0 + +| CVE | Title | Affected | +|:---------------|:-----------------------------------------------------------------------------------|---------:| +| CVE-2026-23980 | Improper Neutralization of Special Elements used in a SQL Command | < 6.0.0 | +| CVE-2026-23982 | Improper Authorization in Dataset Creation Allows Access Control Bypass | < 6.0.0 | +| CVE-2026-23983 | Information Disclosure of sensitive user info via Tags | < 6.0.0 | +| CVE-2026-23984 | SQLLab Read-Only Bypass on PostgreSQL (DML execution) | < 6.0.0 | + #### Version 5.0.0 | CVE | Title | Affected | @@ -22,6 +31,7 @@ sidebar_position: 2 |:---------------|:-----------------------------------------------------------------------------------|---------:| | CVE-2025-27696 | Improper authorization leading to resource ownership takeover | < 4.1.2 | | CVE-2025-48912 | Improper authorization bypass on row level security via SQL Injection | < 4.1.2 | +| CVE-2026-23969 | Exposure of Sensitive Information via Incomplete ClickHouse Function Filtering | < 4.1.2 | #### Version 4.1.0
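Review bot: In the first hunk (the new "Version 6.0.0" table), the CVE-2026-23980 row uses only the generic weakness name, "Improper Neutralization of Special Elements used in a SQL Command", so an administrator cannot tell which feature is affected. The other three rows name the area (Dataset Creation, Tags, SQLLab on PostgreSQL). Suggest a title that names the affected component in the same way. As a smaller style point, "Information Disclosure of sensitive user info via Tags" mixes title case and lower case, unlike its neighbours. It would also help to state whether "< 6.0.0" means every earlier release line is affected, since the table gives no lower bound.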
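Review bot: In the second hunk, CVE-2026-23969 is added to the table whose existing rows are marked "< 4.1.2", while the other 2026-series CVEs in this patch all go under "Version 6.0.0". Please confirm that the fix really shipped in 4.1.2 and that this row is not meant for the 6.0.0 table. If the placement is intentional, the commit message or a short comment should say so, because a reader comparing the two tables will otherwise take it for a misfiled entry. The title says the ClickHouse function filtering was "Incomplete", so it is also worth checking that "< 4.1.2" covers every release that shipped the incomplete filter.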