diff --git a/symfony/ux-live-component/CVE-2025-47946.yaml b/symfony/ux-live-component/CVE-2025-47946.yaml
new file mode 100644
index 000000000..1266605b3
--- /dev/null
+++ b/symfony/ux-live-component/CVE-2025-47946.yaml
@@ -0,0 +1,8 @@
+title:  "symfony/ux-live-component Unsanitized HTML attribute injection via ComponentAttributes"
+link:   https://symfony.com/blog/symfony-ux-cve-2025-47946-unsanitized-html-attribute-injection-via-componentattributes
+cve:    CVE-2025-47946
+branches:
+    2.x:
+        time:       2025-05-19 12:05:00
+        versions:   ['<2.25.1']
+reference: composer://symfony/ux-live-component
diff --git a/symfony/ux-twig-component/CVE-2025-47946.yaml b/symfony/ux-twig-component/CVE-2025-47946.yaml
new file mode 100644
index 000000000..5df61764a
--- /dev/null
+++ b/symfony/ux-twig-component/CVE-2025-47946.yaml
@@ -0,0 +1,8 @@
+title:  "symfony/ux-twig-component Unsanitized HTML attribute injection via ComponentAttributes"
+link:   https://symfony.com/blog/symfony-ux-cve-2025-47946-unsanitized-html-attribute-injection-via-componentattributes
+cve:    CVE-2025-47946
+branches:
+    2.x:
+        time:       2025-05-19 12:05:00
+        versions:   ['<2.25.1']
+reference: composer://symfony/ux-twig-component