diff --git a/reported/CVE-2026-42290.md b/reported/CVE-2026-42290.md index 87868d6..a577ef5 100644 --- a/reported/CVE-2026-42290.md +++ b/reported/CVE-2026-42290.md @@ -1,12 +1,17 @@ ![CVE](https://img.shields.io/badge/CVE-2026--42290-red) +# CVE-2026-42290 — protobufjs `pbts` Command Injection via Unsanitized File Paths -# protobufjs `pbts` Command Injection via Unsanitized File Paths +> CVE-2026-42290 has been officially published. ## Overview The `pbts` CLI tool in protobufjs constructed a shell command using unsanitized file paths and executed it via `child_process.exec`, allowing shell metacharacters in file names or paths to be interpreted by the shell. +**CVE ID:** CVE-2026-42290 + +**Affected Component:** protobufjs CLI (`pbts`) + **Severity:** High **Vulnerability Type:** Command Injection @@ -58,3 +63,4 @@ The protobufjs runtime APIs for encoding, decoding, parsing, and loading protobu ## Discoverer **Stalin S** ([@0x5t4l1n](https://github.com/0x5t4l1n)) +
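Review bot: The added blockquote `> CVE-2026-42290 has been officially published.` in the first hunk asserts publication without a reference a reader can check. Link it to the CVE record or the upstream advisory, or drop it, since the identifier now also appears in the badge, the new heading and the new `**CVE ID:**` field. The new `**Affected Component:**` line names the `pbts` CLI, but no affected or fixed version is visible in this hunk; if the file does not state one elsewhere, this metadata block is the natural place for it, because that is what a reader needs to decide whether to upgrade.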
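Review bot: The second hunk (`@@ -58,3 +63,4 @@`) only appends an empty line after the `**Stalin S**` discoverer entry, with no context following it. Drop this whitespace-only addition so the diff stays limited to the CVE metadata and, if this is the end of the file, the file does not end in a stray blank line.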