diff --git a/CVE-2026-41039.md b/CVE-2026-41039.md
new file mode 100644
index 0000000..17ec1f0
--- /dev/null
+++ b/CVE-2026-41039.md
@@ -0,0 +1,23 @@
+![CVE](https://img.shields.io/badge/CVE-2026--41039-red)
+
+# CVE-2026-41039 — Information Disclosure (Quantum Networks Router)
+
+**Severity:** High (8.7)  
+**CWE:** CWE-306  
+
+## Summary
+Missing authentication and improper access control expose internal API endpoints, allowing attackers to access sensitive data.
+
+## Impact
+- Information disclosure  
+- Exposure of internal endpoints, scripts, directories  
+
+## Fix
+Enforce authentication, secure API endpoints, and harden default configurations.
+
+## References
+- https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2026-0200  
+- https://www.cve.org/CVERecord?id=CVE-2026-41039  
+
+## Credits
+Rakesh Elamaran, Joel William A, Bajino Viju, Stalin S, Janish Andrin J, Kalpana B N