diff --git a/CHANGES.md b/CHANGES.md
index 746bee5..d429f78 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -5,7 +5,7 @@ Changes in PDFio
 v1.3.1 (August DD, 2024)
 ------------------------
 
-- CVE 2024-NNNNN: Updated TrueType font reader to avoid large memory
+- CVE 2024-42358: Updated TrueType font reader to avoid large memory
   allocations.