diff --git a/data/release-notes/enterprise-server/3-1/18.yml b/data/release-notes/enterprise-server/3-1/18.yml
index 11c7167695..aea88e5c50 100644
--- a/data/release-notes/enterprise-server/3-1/18.yml
+++ b/data/release-notes/enterprise-server/3-1/18.yml
@@ -1,5 +1,7 @@
 date: '2022-03-01'
 sections:
+  security_fixes:
+    - "HIGH: An integer overflow vulnerability was identified in GitHub's markdown parser that could potentially lead to information leaks and RCE. This vulnerability was reported through the GitHub Bug Bounty program by Felix Wilhelm of Google's Project Zero and has been assigned CVE-2022-24724."
   bugs:
     - Upgrades could sometimes fail if a high-availability replica's clock was out of sync with the primary. 
     - OAuth Applications created after September 1st, 2020 were not able to use the [Check an Authorization](https://docs.github.com/en/enterprise-server@3.1/rest/reference/apps#check-an-authorization) API endpoint. 
diff --git a/data/release-notes/enterprise-server/3-2/10.yml b/data/release-notes/enterprise-server/3-2/10.yml
index 3605ac86dc..7065df1d89 100644
--- a/data/release-notes/enterprise-server/3-2/10.yml
+++ b/data/release-notes/enterprise-server/3-2/10.yml
@@ -1,5 +1,7 @@
 date: '2022-03-01'
 sections:
+  security_fixes:
+    - "HIGH: An integer overflow vulnerability was identified in GitHub's markdown parser that could potentially lead to information leaks and RCE. This vulnerability was reported through the GitHub Bug Bounty program by Felix Wilhelm of Google's Project Zero and has been assigned CVE-2022-24724."
   bugs:
     - Upgrades could sometimes fail if a high-availability replica's clock was out of sync with the primary. 
     - OAuth Applications created after September 1st, 2020 were not able to use the [Check an Authorization](https://docs.github.com/en/enterprise-server@3.2/rest/reference/apps#check-an-authorization) API endpoint. 
diff --git a/data/release-notes/enterprise-server/3-3/5.yml b/data/release-notes/enterprise-server/3-3/5.yml
index e814cac9a8..3bbf29ed9d 100644
--- a/data/release-notes/enterprise-server/3-3/5.yml
+++ b/data/release-notes/enterprise-server/3-3/5.yml
@@ -1,5 +1,7 @@
 date: '2022-03-01'
 sections:
+  security_fixes:
+    - "HIGH: An integer overflow vulnerability was identified in GitHub's markdown parser that could potentially lead to information leaks and RCE. This vulnerability was reported through the GitHub Bug Bounty program by Felix Wilhelm of Google's Project Zero and has been assigned CVE-2022-24724."
   bugs:
     - Upgrades could sometimes fail if a high-availability replica's clock was out of sync with the primary. 
     - OAuth Applications created after September 1st, 2020 were not able to use the [Check an Authorization](https://docs.github.com/en/enterprise-server@3.3/rest/reference/apps#check-an-authorization) API endpoint.