diff --git a/vulns/CVE-2025-40018.yml b/vulns/CVE-2025-40018.yml
new file mode 100644
index 0000000..f860d9c
--- /dev/null
+++ b/vulns/CVE-2025-40018.yml
@@ -0,0 +1,10 @@
+reachability: Local
+memory_corruption: true
+bug_class: UaF
+impact: LPE
+privileges_required: false
+notes: |2-
+ UaF on struct ip_vs_app during netns cleanup, reachable by unprivileged user
+ through namespaces
+author: Oracle Corporation
+version: v0.1
diff --git a/vulns/CVE-2025-40214.yml b/vulns/CVE-2025-40214.yml
new file mode 100644
index 0000000..7a74d29
--- /dev/null
+++ b/vulns/CVE-2025-40214.yml
@@ -0,0 +1,8 @@
+reachability: Local
+memory_corruption: true
+bug_class: UaF
+impact: LPE
+privileges_required: false
+notes: UaF on struct sk_buff objects leading to LPE
+author: Oracle Corporation
+version: v0.1
diff --git a/vulns/CVE-2025-40216.yml b/vulns/CVE-2025-40216.yml
new file mode 100644
index 0000000..ac3eaee
--- /dev/null
+++ b/vulns/CVE-2025-40216.yml
@@ -0,0 +1,10 @@
+reachability: Local
+memory_corruption: true
+bug_class: OOB Write
+impact: DoS, possibly LPE or VM-escape
+privileges_required: false
+notes: |2-
+ Out of bounds access in io_uring subsystem leading to Info Leak and
+ potentially LPE, confirmed by kCTF.
+author: Oracle Corporation
+version: v0.1
diff --git a/vulns/CVE-2025-40257.yml b/vulns/CVE-2025-40257.yml
new file mode 100644
index 0000000..e691d86
--- /dev/null
+++ b/vulns/CVE-2025-40257.yml
@@ -0,0 +1,10 @@
+reachability: Local
+memory_corruption: true
+bug_class: UAF
+impact: DoS or LPE
+privileges_required: false
+notes: |2-
+ Race in mptcp_pm_del_add_timer() allows use-after-free of
+ mptcp_pm_addr_entry after it is unlinked and freed by another thread.
+author: Oracle Corporation
+version: v0.1
diff --git a/vulns/CVE-2025-40258.yml b/vulns/CVE-2025-40258.yml
new file mode 100644
index 0000000..895ea52
--- /dev/null
+++ b/vulns/CVE-2025-40258.yml
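Review bot: In vulns/CVE-2025-40018.yml, `privileges_required: false` appears to hold only where unprivileged user namespaces are enabled; the notes imply this ("through namespaces") but do not state it as a precondition. On hosts that restrict them (for example `user.max_user_namespaces=0`), setting up the network namespace would need real privileges, so the entry overstates exposure for hardened systems. I would spell the condition out in the notes, e.g. `reachable by an unprivileged user when unprivileged user namespaces are enabled`.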
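Review bot: The `notes` line in vulns/CVE-2025-40214.yml names only the freed object type (`struct sk_buff`) and says nothing about the subsystem or the path that justifies `privileges_required: false`. The other entries in this commit say where the bug lives (ip_vs, io_uring, mptcp), which is what a reader needs to judge whether a given kernel configuration is exposed. I would extend the note with the affected subsystem and the trigger condition, keeping it to one or two sentences.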
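Review bot: The fields in vulns/CVE-2025-40216.yml do not agree with each other: `impact` lists `DoS, possibly LPE or VM-escape`, while `notes` describe an info leak and potential LPE and mention neither DoS nor VM escape. An info leak also suggests an out-of-bounds read, whereas `bug_class` is `OOB Write`, and a VM-escape impact next to `reachability: Local` leaves it unclear which side of the guest boundary "local" refers to. Either align the structured field with the notes, e.g. `impact: Info Leak, possibly LPE`, or expand the notes to support the DoS and VM-escape claims.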
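Review bot: `bug_class: UAF` in vulns/CVE-2025-40257.yml and vulns/CVE-2025-40258.yml is spelled `UaF` in CVE-2025-40018.yml and CVE-2025-40214.yml in this same commit, and CVE-2025-40258.yml writes `impact: DOS or LPE` where this file has `DoS or LPE`. If these fields are filtered or aggregated by exact string match (presumably they are), the variants split one class into two buckets. Pick one spelling across all the new files, e.g. `bug_class: UaF` and `impact: DoS or LPE`.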
@@ -0,0 +1,10 @@
+reachability: Local
+memory_corruption: true
+bug_class: UAF
+impact: DOS or LPE
+privileges_required: false
+notes: |2-
+ Race between schedule_work() and late sock_hold() in mptcp_schedule_work(),
+ yielding a classic use-after-free on kmem_cache_sock
+author: Oracle Corporation
+version: v0.1
diff --git a/vulns/CVE-2025-68209.yml b/vulns/CVE-2025-68209.yml
new file mode 100644
index 0000000..7a81544
--- /dev/null
+++ b/vulns/CVE-2025-68209.yml
@@ -0,0 +1,10 @@
+reachability: Remote
+memory_corruption: false
+bug_class: Null Pointer Dereference
+impact: DoS
+privileges_required: false
+notes: |2-
+ This is possibly a remote DoS as any host that can send traffic could
+ possible create a DoS
+author: Oracle Corporation
+version: v0.1
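Review bot: `reachability: Remote` in vulns/CVE-2025-68209.yml is recorded as a fact, but the notes only call it "possibly a remote DoS". Anyone triaging on the structured field will read this as a confirmed network-reachable crash, so the notes should name the affected subsystem and the traffic or configuration precondition that makes it remote. The second notes line also has a typo: `could possible create a DoS` should read `could possibly cause a DoS`.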