diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml
index 31f64ee98d38..8fda2190e48a 100644
--- a/security/vuxml/vuln/2025.xml
+++ b/security/vuxml/vuln/2025.xml
@@ -1,217 +1,217 @@
   <vuln vid="3445e4b6-d2b8-11ef-9ff3-43c2b5d6c4c8">
     <topic>git -- multiple vulnerabilities</topic>
     <affects>
       <package>
 	<name>git</name>
 	<name>git-cvs</name>
 	<name>git-gui</name>
 	<name>git-p4</name>
 	<name>git-svn</name>
 	<range><lt>2.48.1</lt></range>
       </package>
     </affects>
     <description>
 	<body xmlns="http://www.w3.org/1999/xhtml">
 	<p>Git development team reports:</p>
 	<blockquote cite="https://lore.kernel.org/git/xmqq5xmh46oc.fsf@gitster.g/">
 	  <p>CVE-2024-50349: Printing unsanitized URLs when asking for credentials made the
 	  user susceptible to crafted URLs (e.g. in recursive clones) that
 	  mislead the user into typing in passwords for trusted sites that
 	  would then be sent to untrusted sites instead.</p>
 	  <p>CVE-2024-52006: Git may pass on Carriage Returns via the credential protocol to
 	  credential helpers which use line-reading functions that
 	  interpret said Carriage Returns as line endings, even though Git
 	  did not intend that.</p>
 	</blockquote>
 	</body>
     </description>
     <references>
       <cvename>CVE-2024-50349</cvename>
       <url>https://github.com/git/git/security/advisories/GHSA-hmg8-h7qf-7cxr</url>
       <cvename>CVE-2024-52006</cvename>
       <url>https://github.com/git/git/security/advisories/GHSA-r5ph-xg7q-xfrp</url>
     </references>
     <dates>
       <discovery>2024-10-29</discovery>
       <entry>2025-01-14</entry>
     </dates>
   </vuln>
 
-  <vuln vid="7d7a28cd-7f5a-450a-852f-c49aaab3fa7e">
+  <vuln vid="5e2bd238-d2bb-11ef-bc0e-1c697a616631">
     <topic>keycloak -- Multiple security fixes</topic>
     <affects>
       <package>
-        <name>keycloak</name>
-        <range><lt>26.0.8</lt></range>
+	<name>keycloak</name>
+	<range><lt>26.0.8</lt></range>
       </package>
     </affects>
     <description>
-      <body xmlns="http://www.w3.org/1999/xhtml">
-        <p>Keycloak reports:</p>
-        <blockquote cite="https://www.keycloak.org/2024/11/keycloak-2606-released.html">
-          <p>This update includes 2 security fixes:</p>
-          <ul>
-            <li>CVE-2024-11734: Unrestricted admin use of system and environment variables</li>
-            <li>CVE-2024-11736: Denial of Service in Keycloak Server via Security Headers</li>
-          </ul>
-        </blockquote>
-      </body>
+	<body xmlns="http://www.w3.org/1999/xhtml">
+	<p>Keycloak reports:</p>
+	<blockquote cite="https://www.keycloak.org/2024/11/keycloak-2606-released.html">
+	  <p>This update includes 2 security fixes:</p>
+	  <ul>
+	    <li>CVE-2024-11734: Unrestricted admin use of system and environment variables</li>
+	    <li>CVE-2024-11736: Denial of Service in Keycloak Server via Security Headers</li>
+	  </ul>
+	</blockquote>
+	</body>
     </description>
     <references>
       <cvename>CVE-2024-11734</cvename>
       <cvename>CVE-2024-11736</cvename>
     </references>
     <dates>
       <discovery>2025-01-13</discovery>
       <entry>2025-01-13</entry>
      </dates>
   </vuln>
 
   <vuln vid="7624c151-d116-11ef-b232-b42e991fc52e">
     <topic>asterisk - path traversal</topic>
     <affects>
       <package>
 	<name>asterisk18</name>
 	<range><lt>18.26.20</lt></range>
       </package>
       <package>
 	<name>asterisk20</name>
 	<range><lt>20.11.0</lt></range>
       </package>
     </affects>
     <description>
 	<body xmlns="http://www.w3.org/1999/xhtml">
 	<p>cve@mitre.org reports:</p>
 	<blockquote cite="https://gist.github.com/hyp164D1/e7c0f44ffb38c00320aa1a6d98bee616">
 	  <p>An issue in the action_listcategories() function of Sangoma Asterisk
 	v22/22.0.0/22.0.0-rc1/22.0.0-rc2/22.0.0-pre1 allows attackers to
 	execute a path traversal.</p>
 	</blockquote>
 	</body>
     </description>
     <references>
       <cvename>CVE-2024-53566</cvename>
       <url>https://nvd.nist.gov/vuln/detail/CVE-2024-53566</url>
     </references>
     <dates>
       <discovery>2024-12-02</discovery>
       <entry>2025-01-12</entry>
     </dates>
   </vuln>
 
   <vuln vid="4d79fd1a-cc93-11ef-abed-08002784c58d">
     <topic>redis,valkey -- Denial-of-service valnerability due to malformed ACL selectors</topic>
     <affects>
       <package>
 	<name>redis</name>
 	<range><ge>7.0.0</ge><lt>7.4.2</lt></range>
       </package>
       <package>
 	<name>redis72</name>
 	<range><lt>7.2.7</lt></range>
       </package>
       <package>
 	<name>valkey</name>
 	<range><lt>8.0.2</lt></range>
       </package>
     </affects>
     <description>
 	<body xmlns="http://www.w3.org/1999/xhtml">
 	<p>Redis core team reports:</p>
 	<blockquote cite="https://github.com/redis/redis/security/advisories/GHSA-prpq-rh5h-46g9">
 	  <p>
 	    An authenticated with sufficient privileges may create a
 	    malformed ACL selector which, when accessed, triggers a
 	    server panic and subsequent denial of service.The problem
 	    exists in Redis 7.0.0 or newer.
 	  </p>
 	</blockquote>
 	</body>
     </description>
     <references>
       <cvename>CVE-2024-51741</cvename>
       <url>https://github.com/redis/redis/security/advisories/GHSA-prpq-rh5h-46g9</url>
     </references>
     <dates>
       <discovery>2025-01-06</discovery>
       <entry>2025-01-10</entry>
     </dates>
   </vuln>
 
   <vuln vid="5f19ac58-cc90-11ef-abed-08002784c58d">
     <topic>redis,valkey -- Remote code execution valnerability</topic>
     <affects>
       <package>
 	<name>redis</name>
 	<range><lt>7.4.2</lt></range>
       </package>
       <package>
 	<name>redis72</name>
 	<range><lt>7.2.7</lt></range>
       </package>
       <package>
 	<name>redis62</name>
 	<range><lt>6.2.17</lt></range>
       </package>
       <package>
 	<name>valkey</name>
 	<range><lt>8.0.2</lt></range>
       </package>
     </affects>
     <description>
 	<body xmlns="http://www.w3.org/1999/xhtml">
 	<p>Redis core team reports:</p>
 	<blockquote cite="https://github.com/redis/redis/security/advisories/GHSA-39h2-x6c4-6w4c">
 	  <p>
 	    An authenticated user may use a specially crafted Lua
 	    script to manipulate the garbage collector and potentially
 	    lead to remote code execution. The problem exists in all
 	    versions of Redis with Lua scripting.
 	  </p>
 	</blockquote>
 	</body>
     </description>
     <references>
       <cvename>CVE-2024-46981</cvename>
       <url>https://github.com/redis/redis/security/advisories/GHSA-39h2-x6c4-6w4c</url>
     </references>
     <dates>
       <discovery>2025-01-06</discovery>
       <entry>2025-01-10</entry>
     </dates>
   </vuln>
 
   <vuln vid="2bfde261-cdf2-11ef-b6b2-2cf05da270f3">
     <topic>Gitlab -- Vulnerabilities</topic>
     <affects>
       <package>
 	<name>gitlab-ce</name>
 	<name>gitlab-ee</name>
 	<range><ge>17.7.0</ge><lt>17.7.1</lt></range>
 	<range><ge>17.6.0</ge><lt>17.6.3</lt></range>
 	<range><ge>11.0.0</ge><lt>17.5.5</lt></range>
       </package>
     </affects>
     <description>
 	<body xmlns="http://www.w3.org/1999/xhtml">
 	<p>Gitlab reports:</p>
 	<blockquote cite="https://about.gitlab.com/releases/2025/01/08/patch-release-gitlab-17-7-1-released/">
 	  <p>Possible access token exposure in GitLab logs</p>
 	  <p>Cyclic reference of epics leads resource exhaustion</p>
 	  <p>Unauthorized user can manipulate status of issues in public projects</p>
 	  <p>Instance SAML does not respect external_provider configuration</p>
 	</blockquote>
 	</body>
     </description>
     <references>
       <cvename>CVE-2025-0194</cvename>
       <cvename>CVE-2024-6324</cvename>
       <cvename>CVE-2024-12431</cvename>
       <cvename>CVE-2024-13041</cvename>
       <url>https://about.gitlab.com/releases/2025/01/08/patch-release-gitlab-17-7-1-released/</url>
     </references>
     <dates>
       <discovery>2025-01-08</discovery>
       <entry>2025-01-08</entry>
     </dates>
   </vuln>