diff --git a/causal/oidc/CVE-2025-24856.yaml b/causal/oidc/CVE-2025-24856.yaml
new file mode 100644
index 000000000..b26b86469
--- /dev/null
+++ b/causal/oidc/CVE-2025-24856.yaml
@@ -0,0 +1,8 @@
+title: 'TYPO3-EXT-SA-2025-001: Account Takeover in extension "OpenID Connect Authentication" (oidc)'
+link: https://typo3.org/security/advisory/typo3-ext-sa-2025-001
+cve: CVE-2025-24856
+branches:
+    main:
+        time: 2025-01-27 18:56:00
+        versions: ['>=3.0.0', '<4.0.0']
+reference: composer://causal/oidc