From 118703a1ec0b8107dce4eb14c96277b78ba6624b Mon Sep 17 00:00:00 2001
From: rhpco <a.braccio@arduino.cc>
Date: Wed, 26 Nov 2025 14:51:21 +0100
Subject: [PATCH 1/6] Added ASEC-25-004

---
 ...2-3-7-Resolves-Multiple-Vulnerabilities.md | 46 +++++++++++++++++++
 1 file changed, 46 insertions(+)
 create mode 100644 content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md

diff --git a/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md b/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md
new file mode 100644
index 00000000..ec9827a6
--- /dev/null
+++ b/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md	
@@ -0,0 +1,46 @@
+---
+title: ASEC-25-003 - Arduino-IDE v2.3.5 Resolves Multiple Vulnerabilities
+id: xxxx
+---
+
+Bulletin ID: ASEC-25-004
+Date: Nov 29, 2025  
+Product/Component: Arduino-IDE  
+Affected versions: \<= 2.3.6  
+Fixed version: \>= 2.3.7
+
+## Summary
+
+A new version of the Arduino IDE is now available at the following link: [Arduino IDE v2.3.7 Release](https://github.com/arduino/arduino-ide/releases/tag/2.3.7).
+
+This release includes following updates:
+* A dedicated security fix for the [CVE-2025-64724](https://nvd.nist.gov/vuln/detail/CVE-2025-64724) vulnerability that affects all Arduino IDE versions before version v2.3.7. Further details are available in the official security advisory at the following link: [GHSA-3fvj-pgqw-fgw6](https://github.com/arduino/arduino-ide/security/advisories/GHSA-3fvj-pgqw-fgw6).
+* Moreover, a dedicated security fix for the [CVE-2025-64725](https://nvd.nist.gov/vuln/detail/CVE-2025-64725) vulnerability that affects all Arduino IDE versions before version v2.3.7. Further details are available in the official security advisory at the following link: [GHSA-vf5j-xhwq-8vqj](https://github.com/arduino/arduino-ide/security/advisories/GHSA-vf5j-xhwq-8vqj).
+
+
+
+## Action Required
+
+To ensure security and stability, users are advised to update Arduino-IDE to version v2.3.7 as soon as possible. This update automatically includes all patches described above.
+
+**Update Steps:**
+
+1. Download the latest version from the official release page: [https://www.arduino.cc/en/software](https://www.arduino.cc/en/software)
+2. Follow the installation instructions provided in the documentation.
+3. Verify that the update was successful.
+
+## Additional Information
+
+For further details regarding the resolved vulnerabilities, refer to the following CVE reports:
+
+* [Arduino-IDE v2.3.7 Release](https://github.com/arduino/arduino-ide/releases/tag/2.3.7)
+* [CVE-2025-64724](https://nvd.nist.gov/vuln/detail/CVE-2025-64724)
+* [GHSA-3fvj-pgqw-fgw6](https://github.com/arduino/arduino-ide/security/advisories/GHSA-3fvj-pgqw-fgw6)
+* [CVE-2025-64725](https://nvd.nist.gov/vuln/detail/CVE-2025-64725)
+* [GHSA-vf5j-xhwq-8vqj](https://github.com/arduino/arduino-ide/security/advisories/GHSA-vf5j-xhwq-8vqj)
+
+For any questions or support, please refer to the [Arduino-IDE GitHub repository](https://github.com/arduino/arduino-ide) or the official support channels.
+
+## Contact
+
+If you encounter any issues or have questions regarding this security update, please contact our security team at security@arduino.cc.

From 203a7eae3ff9895550ef69bf39d0ec1b0fd78657 Mon Sep 17 00:00:00 2001
From: rhpco <a.braccio@arduino.cc>
Date: Thu, 18 Dec 2025 09:27:16 +0100
Subject: [PATCH 2/6] ASEC-25-004 Published

---
 ...4-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md b/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md
index ec9827a6..5c3e6a87 100644
--- a/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md	
+++ b/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md	
@@ -1,10 +1,9 @@
 ---
-title: ASEC-25-003 - Arduino-IDE v2.3.5 Resolves Multiple Vulnerabilities
-id: xxxx
+title: ASEC-25-004 - Arduino-IDE v2.3.7 Resolves Multiple Vulnerabilities
 ---
 
 Bulletin ID: ASEC-25-004
-Date: Nov 29, 2025  
+Date: Dec 18, 2025  
 Product/Component: Arduino-IDE  
 Affected versions: \<= 2.3.6  
 Fixed version: \>= 2.3.7

From bdc5875c0f3fb8c00cf1366277da8170e2d12f3e Mon Sep 17 00:00:00 2001
From: rhpco <a.braccio@arduino.cc>
Date: Thu, 18 Dec 2025 09:41:53 +0100
Subject: [PATCH 3/6] Updated formatting

---
 ...04-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md b/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md
index 5c3e6a87..3c05c71b 100644
--- a/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md	
+++ b/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md	
@@ -13,10 +13,10 @@ Fixed version: \>= 2.3.7
 A new version of the Arduino IDE is now available at the following link: [Arduino IDE v2.3.7 Release](https://github.com/arduino/arduino-ide/releases/tag/2.3.7).
 
 This release includes following updates:
-* A dedicated security fix for the [CVE-2025-64724](https://nvd.nist.gov/vuln/detail/CVE-2025-64724) vulnerability that affects all Arduino IDE versions before version v2.3.7. Further details are available in the official security advisory at the following link: [GHSA-3fvj-pgqw-fgw6](https://github.com/arduino/arduino-ide/security/advisories/GHSA-3fvj-pgqw-fgw6).
-* Moreover, a dedicated security fix for the [CVE-2025-64725](https://nvd.nist.gov/vuln/detail/CVE-2025-64725) vulnerability that affects all Arduino IDE versions before version v2.3.7. Further details are available in the official security advisory at the following link: [GHSA-vf5j-xhwq-8vqj](https://github.com/arduino/arduino-ide/security/advisories/GHSA-vf5j-xhwq-8vqj).
 
+* A dedicated security fix for the [CVE-2025-64724](https://nvd.nist.gov/vuln/detail/CVE-2025-64724) vulnerability that affects all Arduino IDE versions before version v2.3.7. Further details are available in the official security advisory at the following link: [GHSA-3fvj-pgqw-fgw6](https://github.com/arduino/arduino-ide/security/advisories/GHSA-3fvj-pgqw-fgw6).
 
+* Moreover, a dedicated security fix for the [CVE-2025-64725](https://nvd.nist.gov/vuln/detail/CVE-2025-64725) vulnerability that affects all Arduino IDE versions before version v2.3.7. Further details are available in the official security advisory at the following link: [GHSA-vf5j-xhwq-8vqj](https://github.com/arduino/arduino-ide/security/advisories/GHSA-vf5j-xhwq-8vqj).
 
 ## Action Required
 

From f5d74d9db70d07f708a229d0f588e3350778988c Mon Sep 17 00:00:00 2001
From: rhpco <a.braccio@arduino.cc>
Date: Thu, 18 Dec 2025 11:20:03 +0100
Subject: [PATCH 4/6] Update content/About Arduino/Arduino Security
 Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md

Co-authored-by: seaxwi <71350948+seaxwi@users.noreply.github.com>
---
 ...-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md b/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md
index 3c05c71b..78993321 100644
--- a/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md	
+++ b/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md	
@@ -24,7 +24,7 @@ To ensure security and stability, users are advised to update Arduino-IDE to ver
 
 **Update Steps:**
 
-1. Download the latest version from the official release page: [https://www.arduino.cc/en/software](https://www.arduino.cc/en/software)
+1. Download the latest version from the official release page: [https://www.arduino.cc/en/software](https://www.arduino.cc/en/software/#ide-download-section)
 2. Follow the installation instructions provided in the documentation.
 3. Verify that the update was successful.
 

From 1bc08026234ad0107114449ceeb79b56c3f75c8c Mon Sep 17 00:00:00 2001
From: rhpco <a.braccio@arduino.cc>
Date: Thu, 18 Dec 2025 11:20:14 +0100
Subject: [PATCH 5/6] Update content/About Arduino/Arduino Security
 Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md

Co-authored-by: seaxwi <71350948+seaxwi@users.noreply.github.com>
---
 ...-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md b/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md
index 78993321..6a46d52c 100644
--- a/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md	
+++ b/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md	
@@ -2,7 +2,7 @@
 title: ASEC-25-004 - Arduino-IDE v2.3.7 Resolves Multiple Vulnerabilities
 ---
 
-Bulletin ID: ASEC-25-004
+Bulletin ID: ASEC-25-004  
 Date: Dec 18, 2025  
 Product/Component: Arduino-IDE  
 Affected versions: \<= 2.3.6  

From aa37bd0916da72f537cdf2cc802b9f19b22a158b Mon Sep 17 00:00:00 2001
From: rhpco <a.braccio@arduino.cc>
Date: Thu, 18 Dec 2025 11:23:18 +0100
Subject: [PATCH 6/6] CVE number fixed

---
 ...04-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md b/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md
index 6a46d52c..55b21fdc 100644
--- a/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md	
+++ b/content/About Arduino/Arduino Security Bulletins/ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities.md	
@@ -16,7 +16,7 @@ This release includes following updates:
 
 * A dedicated security fix for the [CVE-2025-64724](https://nvd.nist.gov/vuln/detail/CVE-2025-64724) vulnerability that affects all Arduino IDE versions before version v2.3.7. Further details are available in the official security advisory at the following link: [GHSA-3fvj-pgqw-fgw6](https://github.com/arduino/arduino-ide/security/advisories/GHSA-3fvj-pgqw-fgw6).
 
-* Moreover, a dedicated security fix for the [CVE-2025-64725](https://nvd.nist.gov/vuln/detail/CVE-2025-64725) vulnerability that affects all Arduino IDE versions before version v2.3.7. Further details are available in the official security advisory at the following link: [GHSA-vf5j-xhwq-8vqj](https://github.com/arduino/arduino-ide/security/advisories/GHSA-vf5j-xhwq-8vqj).
+* Moreover, a dedicated security fix for the [CVE-2025-64723](https://nvd.nist.gov/vuln/detail/CVE-2025-64723) vulnerability that affects all Arduino IDE versions before version v2.3.7. Further details are available in the official security advisory at the following link: [GHSA-vf5j-xhwq-8vqj](https://github.com/arduino/arduino-ide/security/advisories/GHSA-vf5j-xhwq-8vqj).
 
 ## Action Required
 
@@ -35,7 +35,7 @@ For further details regarding the resolved vulnerabilities, refer to the followi
 * [Arduino-IDE v2.3.7 Release](https://github.com/arduino/arduino-ide/releases/tag/2.3.7)
 * [CVE-2025-64724](https://nvd.nist.gov/vuln/detail/CVE-2025-64724)
 * [GHSA-3fvj-pgqw-fgw6](https://github.com/arduino/arduino-ide/security/advisories/GHSA-3fvj-pgqw-fgw6)
-* [CVE-2025-64725](https://nvd.nist.gov/vuln/detail/CVE-2025-64725)
+* [CVE-2025-64723](https://nvd.nist.gov/vuln/detail/CVE-2025-64723)
 * [GHSA-vf5j-xhwq-8vqj](https://github.com/arduino/arduino-ide/security/advisories/GHSA-vf5j-xhwq-8vqj)
 
 For any questions or support, please refer to the [Arduino-IDE GitHub repository](https://github.com/arduino/arduino-ide) or the official support channels.