diff --git a/advisories/unreviewed/2026/04/GHSA-qmq6-f8pr-cx5x/GHSA-qmq6-f8pr-cx5x.json b/advisories/unreviewed/2026/04/GHSA-qmq6-f8pr-cx5x/GHSA-qmq6-f8pr-cx5x.json
index 793c0476c0c81..69e580f402511 100644
--- a/advisories/unreviewed/2026/04/GHSA-qmq6-f8pr-cx5x/GHSA-qmq6-f8pr-cx5x.json
+++ b/advisories/unreviewed/2026/04/GHSA-qmq6-f8pr-cx5x/GHSA-qmq6-f8pr-cx5x.json
@@ -2,11 +2,12 @@
   "schema_version": "1.4.0",
   "id": "GHSA-qmq6-f8pr-cx5x",
   "modified": "2026-04-23T06:30:22Z",
-  "published": "2026-04-23T06:30:22Z",
+  "published": "2026-04-23T06:30:23Z",
   "aliases": [
+    "CVE-2026-41907",
     "CVE-2026-41988"
   ],
-  "details": "uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6. In particular, UUID version 4, which is very commonly used, is unaffected by this issue.",
+  "details": "CVE-2026-41988 and GHSA-qmq6-f8pr-cx5x are duplicates. Use CVE-2026-41907 and GHSA-w5hq-g745-h8pq instead.",
   "severity": [
     {
       "type": "CVSS_V3",
@@ -19,6 +20,10 @@
       "type": "WEB",
       "url": "https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://www.cve.org/CVERecord?id=CVE-2026-41907"
+    },
     {
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41988"