diff --git a/gems/rd_searchlogic/CVE-2011-10026.yml b/gems/rd_searchlogic/CVE-2011-10026.yml
new file mode 100644
index 0000000000..9095c43971
--- /dev/null
+++ b/gems/rd_searchlogic/CVE-2011-10026.yml
@@ -0,0 +1,28 @@
+---
+gem: rd_searchlogic
+cve: 2011-10026
+ghsa: x485-rhg3-cqr4
+url: https://github.com/advisories/GHSA-x485-rhg3-cqr4
+title: Spree Commerce is vulnerable to RCE through Search API
+date: 2025-08-20
+description: |
+  Spreecommerce versions prior to 0.50.x contain a remote command
+  execution vulnerability in the API's search functionality. Improper
+  input sanitation allows attackers to inject arbitrary shell commands
+  via the search[instance_eval] parameter, which is dynamically invoked
+  using Ruby’s send method. This flaw enables unauthenticated attackers
+  to execute commands on the server.
+cvss_v3: 9.8
+cvss_v4: 9.3
+notes: Never patched
+related:
+  url:
+    - https://nvd.nist.gov/vuln/detail/CVE-2011-10026
+    - https://github.com/spree
+    - https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/spree_searchlogic_exec.rb
+    - https://web.archive.org/web/20111120023342/http://spreecommerce.com/blog/2011/04/19/security-fixes
+    - https://www.exploit-db.com/exploits/17199
+    - https://www.vulncheck.com/advisories/spreecommerce-api-rce
+    - https://github.com/spree/spree/commit/0a9a360c590829d8a377ceae0cf997bbbbcc2df4
+    - https://github.com/spree/spree/commit/3b559e7219f3681184be409ad00cd34a34a37978
+    - https://github.com/advisories/GHSA-x485-rhg3-cqr4
diff --git a/gems/spree/CVE-2011-10026.yml b/gems/spree/CVE-2011-10026.yml
new file mode 100644
index 0000000000..67a2f7f995
--- /dev/null
+++ b/gems/spree/CVE-2011-10026.yml
@@ -0,0 +1,31 @@
+---
+gem: spree
+cve: 2011-10026
+ghsa: x485-rhg3-cqr4
+url: https://github.com/advisories/GHSA-x485-rhg3-cqr4
+title: Spree Commerce is vulnerable to RCE through Search API
+date: 2025-08-20
+description: |
+  Spreecommerce versions prior to 0.50.x contain a remote command
+  execution vulnerability in the API's search functionality. Improper
+  input sanitation allows attackers to inject arbitrary shell commands
+  via the search[instance_eval] parameter, which is dynamically invoked
+  using Ruby’s send method. This flaw enables unauthenticated attackers
+  to execute commands on the server.
+cvss_v3: 9.8
+cvss_v4: 9.3
+unaffected_versions:
+  - "< 0.30.0.beta1"
+patched_versions:
+  - ">= 0.50.0"
+related:
+  url:
+    - https://nvd.nist.gov/vuln/detail/CVE-2011-10026
+    - https://github.com/spree
+    - https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/spree_searchlogic_exec.rb
+    - https://web.archive.org/web/20111120023342/http://spreecommerce.com/blog/2011/04/19/security-fixes
+    - https://www.exploit-db.com/exploits/17199
+    - https://www.vulncheck.com/advisories/spreecommerce-api-rce
+    - https://github.com/spree/spree/commit/0a9a360c590829d8a377ceae0cf997bbbbcc2df4
+    - https://github.com/spree/spree/commit/3b559e7219f3681184be409ad00cd34a34a37978
+    - https://github.com/advisories/GHSA-x485-rhg3-cqr4