diff --git a/advisories/unreviewed/2026/05/GHSA-fq39-62gx-8hqx/GHSA-fq39-62gx-8hqx.json b/advisories/unreviewed/2026/05/GHSA-fq39-62gx-8hqx/GHSA-fq39-62gx-8hqx.json
index f6ff0c33f9d20..f5dd2f03148a7 100644
--- a/advisories/unreviewed/2026/05/GHSA-fq39-62gx-8hqx/GHSA-fq39-62gx-8hqx.json
+++ b/advisories/unreviewed/2026/05/GHSA-fq39-62gx-8hqx/GHSA-fq39-62gx-8hqx.json
@@ -1,24 +1,87 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-fq39-62gx-8hqx",
-  "modified": "2026-05-19T12:31:39Z",
+  "modified": "2026-05-19T12:31:40Z",
   "published": "2026-05-19T12:31:39Z",
   "aliases": [
     "CVE-2026-46722"
   ],
+  "summary": "TYPO3 extension \"ke_search\" affected by XML External Entity injection",
   "details": "The OOXML parsing of the file indexer does not disable external entity resolution. A crafted xlsx or pptx document placed in an indexed directory can cause local files to be read or outbound HTTP requests to be performed, with the retrieved content being written to the search index.",
   "severity": [
     {
       "type": "CVSS_V4",
-      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "Packagist",
+        "name": "tpwd/ke_search"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "7.0.0"
+            },
+            {
+              "fixed": "7.0.1"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "package": {
+        "ecosystem": "Packagist",
+        "name": "tpwd/ke_search"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "6.0.0"
+            },
+            {
+              "fixed": "6.6.1"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "package": {
+        "ecosystem": "Packagist",
+        "name": "tpwd/ke_search"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "5.6.2"
+            }
+          ]
+        }
+      ]
     }
   ],
-  "affected": [],
   "references": [
     {
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46722"
     },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/tpwd/ke_search"
+    },
     {
       "type": "WEB",
       "url": "https://typo3.org/security/advisory/typo3-ext-sa-2026-011"