Fix Emergency Changelog

Author: vs-mg

src/content/changelog/waf/2025-09-28-emergency-waf-release.mdx

@@ -6,7 +6,7 @@ date: 2025-09-28
 
 import { RuleID } from "~/components";
 
-This week highlights a critical vendor-specific vulnerability: a deserialization flaw in the License Servlet of Fortra’s GoAnywhere MFT. By forging a license response signature, an attacker can trigger deserialization of arbitrary objects, potentially leading to command injection.
+This week highlights multiple critical Cisco vulnerabilities (CVE-2025-20363, CVE-2025-20333, CVE-2025-20362). This flaw stems from improper input validation in HTTP(S) requests. An authenticated VPN user could send crafted requests to execute code as root, potentially compromising the device.
 
 **Key Findings**