diff --git a/gems/rexml/CVE-2024-49761.yml b/gems/rexml/CVE-2024-49761.yml
index c404acba7c..dc33d486d1 100644
--- a/gems/rexml/CVE-2024-49761.yml
+++ b/gems/rexml/CVE-2024-49761.yml
@@ -38,4 +38,5 @@ related:
     - https://github.com/ruby/rexml/security/advisories/GHSA-2rxp-v6pw-ch6m
     - https://github.com/ruby/rexml/commit/ce59f2eb1aeb371fe1643414f06618dbe031979f
     - https://www.ruby-lang.org/en/news/2024/10/28/redos-rexml-cve-2024-49761
+    - https://hackerone.com/reports/2807139
     - https://github.com/advisories/GHSA-2rxp-v6pw-ch6m