diff --git a/README.md b/README.md
index 6e522f1..a189eb3 100644
--- a/README.md
+++ b/README.md
@@ -29,7 +29,8 @@ source-based PoCs before Vagrant rsyncs them to `/vagrant` on the guest.
 
 ## Vulnerabilities
 
-| CVE            | Name      | CVSS | Type | Box                 | Exploit                                  |
-| -------------- | --------- | ---- | ---- | ------------------- | ---------------------------------------- |
-| CVE-2026-31431 | copyfail  | 7.8  | LPE  | debian13-20260221.0 | [Python PoC](https://copy.fail/#exploit) |
-| CVE-2026-43284 | dirtyfrag | 8.8  | LPE  | debian13-20260221.0 | [C PoC](https://dirtyfrag.io/)           |
+| CVE            | Name            | CVSS | Type      | Box                 | Exploit                                                       |
+| -------------- | --------------- | ---- | --------- | ------------------- | ------------------------------------------------------------- |
+| CVE-2026-31431 | copyfail        | 7.8  | LPE       | debian13-20260221.0 | [Python PoC](https://copy.fail/#exploit)                      |
+| CVE-2026-43284 | dirtyfrag       | 8.8  | LPE       | debian13-20260221.0 | [C PoC](https://dirtyfrag.io/)                                |
+| CVE-2026-46333 | ssh-keysign-pwn | 7.1  | Info Leak | debian13-20260221.0 | [C PoC](https://github.com/0xdeadbeefnetwork/ssh-keysign-pwn) |