diff --git a/.changelog/24683.txt b/.changelog/24683.txt
index af07d6a99..fe6617b27 100644
--- a/.changelog/24683.txt
+++ b/.changelog/24683.txt
@@ -1,3 +1,3 @@
 ```release-note:security
-api: sanitize the SignedIdentities in allocations to prevent privilege escalation through unredacted workload identity token impersonation associated with ACL policies.
+api: sanitize the SignedIdentities in allocations to prevent privilege escalation through unredacted workload identity token impersonation associated with ACL policies. ([CVE-2025-1296](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1296))
 ```