diff --git a/README.md b/README.md index a81df6d..6b57f7f 100644 --- a/README.md +++ b/README.md @@ -172,7 +172,6 @@ cloudsmith push python $CLOUDSMITH_ORG/$CLOUDSMITH_REPO h11-test.whl -k "$CLOUDS *** ### Recipe 7 - Approved Upstreams based on Tags -Validate filename matches a semantic or naming pattern where ```MAJOR```.```MINOR```, and ```PATCH``` are all numeric. Download the ```policy.rego``` and create the associated ```payload.json``` with the below command: ``` wget https://raw.githubusercontent.com/cloudsmith-io/rego-recipes/refs/heads/main/recipe-7/policy.rego @@ -195,3 +194,45 @@ If a package has ```approved``` --> blocked (even if upstream is present) *** + +### Recipe 8 - CVSS Policy with Fix Available +This policy is designed to match packages in a specific repository (```acme-repo-one```) that have ```high``` or ```critical```vulnerabilities that also have a ```Fix``` available, excluding specific ```known CVEs```. +Download the ```policy.rego``` and create the associated ```payload.json``` with the below command: +``` +wget https://raw.githubusercontent.com/cloudsmith-io/rego-recipes/refs/heads/main/recipe-8/policy.rego +escaped_policy=$(jq -Rs . < policy.rego) +cat < payload.json +{ + "name": "CVSS Policy with Fix Available", + "description": "Match packages that have high or critical CVEs where a fix is available", + "rego": $escaped_policy, + "enabled": true, + "is_terminal": false, + "precedence": 8 +} +EOF +``` + +To demonstrate this policy, you can use the ```requests``` Python package, which has a known vulnerability with a high CVSS score. +

+Vulnerability Details: +
+- Package: h11 +- Affected Version: 0.14.0 +- Fixed In: 0.16.0 +- CVE Identifier: [CVE-2025-43859](https://access.redhat.com/security/cve/cve-2025-43859) +- NVD Context: This CVE record has been marked for NVD enrichment efforts. +- Description: An HTTP request smuggling vulnerability in python-h11.. + +``` +pip download h11==0.14.0 +``` + +Upload to Cloudsmith to see if the package is correctly matched: +``` +cloudsmith push python acme-corporation/acme-repo-one h11-0.14.0-py3-none-any.whl -k "$CLOUDSMITH_API_KEY" +``` + + +*** +
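Review bot: the line removed in the first hunk (`Validate filename matches a semantic or naming pattern where MAJOR.MINOR, and PATCH are all numeric.`) described a filename-pattern check rather than approved upstreams, so dropping it from Recipe 7 is correct, but the recipe is now left with no one-sentence statement of what the policy matches before "Download the policy.rego ...". Suggest replacing it with a short description of the tag-based approved-upstream rule, in the same form as the opening sentence of Recipe 8.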
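Review bot: the `cat < payload.json` line in the Recipe 8 shell block is not a heredoc, so as written it tries to read a payload.json that does not exist yet and then runs `EOF` as a command; it should be `cat <<EOF > payload.json` so the JSON body (with `$escaped_policy` expanded) is written to the file. Two documentation points in the same hunk: the prose says "you can use the `requests` Python package", but the vulnerability details, `pip download h11==0.14.0` and the `cloudsmith push` of `h11-0.14.0-py3-none-any.whl` all use h11, so that sentence should name h11; and since the policy description says it excludes specific known CVEs, it is worth stating which CVEs the shipped policy.rego excludes and confirming CVE-2025-43859 is not among them, otherwise the demo package will not match. Minor: missing space in "```critical```vulnerabilities" and a doubled period after "python-h11".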