diff --git a/cves.json b/cves.json
index 135286cfc9f..1d1c89c2860 100644
--- a/cves.json
+++ b/cves.json
@@ -445,6 +445,7 @@
 {"ID":"CVE-2017-17736","Info":{"Name":"Kentico - Installer Privilege Escalation","Severity":"critical","Description":"Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48 are susceptible to a privilege escalation attack. An attacker can obtain Global Administrator access by visiting CMSInstall/install.aspx and then navigating to the CMS Administration Dashboard.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2017/CVE-2017-17736.yaml"}
 {"ID":"CVE-2017-18024","Info":{"Name":"AvantFAX 3.3.3 - Cross-Site Scripting","Severity":"medium","Description":"AvantFAX 3.3.3 contains a cross-site scripting vulnerability via an arbitrary parameter name submitted to the default URL, as demonstrated by a parameter whose name contains a SCRIPT element and whose value is 1.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18024.yaml"}
 {"ID":"CVE-2017-18349","Info":{"Name":"Fastjson Insecure Deserialization - Remote Code Execution","Severity":"critical","Description":"parseObject in Fastjson before 1.2.25, as used in FastjsonEngine in Pippo 1.11.0 and other products, allows remote attackers to execute arbitrary code via a crafted JSON request, as demonstrated by a crafted rmi-// URI in the dataSourceName field of HTTP POST data to the Pippo /json URI, which is mishandled in AjaxApplication.java.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2017/CVE-2017-18349.yaml"}
+{"ID":"CVE-2017-18362","Info":{"Name":"Kaseya VSA 2017 ConnectWise ManagedITSync - Remote Code Execution","Severity":"critical","Description":"ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database. If the ManagedIT.asmx page is available via the Kaseya VSA web interface, anyone with access to the page is able to run arbitrary SQL queries, both read and write, without authentication.In February 2019, attackers actively exploited this vulnerability in the wild to download and execute ransomware payloads on all endpoints managed by the VSA server.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2017/CVE-2017-18362.yaml"}
 {"ID":"CVE-2017-18487","Info":{"Name":"AdPush \u003c 1.44 - Cross-Site Scripting","Severity":"medium","Description":"The adsense-plugin (aka Google AdSense) plugin before 1.44 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18487.yaml"}
 {"ID":"CVE-2017-18490","Info":{"Name":"Contact Form Multi by BestWebSoft \u003c 1.2.1 - Cross-Site Scripting","Severity":"medium","Description":"The contact-form-multi plugin before 1.2.1 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18490.yaml"}
 {"ID":"CVE-2017-18491","Info":{"Name":"Contact Form by BestWebSoft \u003c 4.0.6 - Cross-Site Scripting","Severity":"medium","Description":"The contact-form-plugin plugin before 4.0.6 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18491.yaml"}
diff --git a/cves.json-checksum.txt b/cves.json-checksum.txt
index 8df4fcf35e4..bc9606051b4 100644
--- a/cves.json-checksum.txt
+++ b/cves.json-checksum.txt
@@ -1 +1 @@
-10d3701473afe9a09715c17056735e5a
+2030631f70cbd2af39abf37d30c01f4f