diff --git a/cves.json b/cves.json
index 4e8c9a28ff5..68386e9a0b8 100644
--- a/cves.json
+++ b/cves.json
@@ -3245,6 +3245,7 @@
 {"ID":"CVE-2024-55591","Info":{"Name":"Fortinet - Authentication Bypass","Severity":"critical","Description":"Fortinet FortiOS is vulnerable to an information disclosure via service-worker.js that could allow an attacker to access sensitive information.This vulnerability affects FortiOS and could potentially lead to unauthorized access to the system.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-55591.yaml"}
 {"ID":"CVE-2024-55956","Info":{"Name":"Cleo Harmony \u003c 5.8.0.24 - File Upload Vulnerability","Severity":"critical","Description":"In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary Bash or PowerShell commands on the host system by leveraging the default settings of the Autorun directory.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-55956.yaml"}
 {"ID":"CVE-2024-56145","Info":{"Name":"Craft CMS - Remote Code Execution via Template Path Manipulation","Severity":"critical","Description":"This template identifies a critical Remote Code Execution (RCE) vulnerability in Craft CMS, identified as GHSA-2p6p-9rc9-62j9.\nThe vulnerability exists due to improper handling of the `--templatesPath` query parameter, allowing attackers to execute arbitrary code by referencing malicious Twig templates.\n","Classification":{"CVSSScore":"9.3"}},"file_path":"http/cves/2024/CVE-2024-56145.yaml"}
+{"ID":"CVE-2024-56159","Info":{"Name":"Astro - Information Disclosure","Severity":"medium","Description":"Astro versions v5.0.3 through v5.0.7 and Astro v4.16.17 or older with sourcemaps enabled contain a source code disclosure caused by sourcemap files being publicly accessible in the build output folder, letting unauthenticated users read server source code, exploit requires sourcemaps to be enabled.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-56159.yaml"}
 {"ID":"CVE-2024-56325","Info":{"Name":"Apache Pinot \u003c 1.3.0 - Authentication Bypass","Severity":"critical","Description":"This vulnerability allows remote attackers to bypass authentication on affected installations of Apache Pinot. Authentication is not required to exploit this vulnerability.The specific flaw exists within the AuthenticationFilter class. The issue results from insufficient neutralization of special characters in a URI. An attacker can leverage this vulnerability to bypass authentication on the system.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-56325.yaml"}
 {"ID":"CVE-2024-56512","Info":{"Name":"Apache NiFi - Information Disclosure","Severity":"medium","Description":"Apache NiFi 1.10.0 through 2.0.0 are missing fine-grained authorization checking for Parameter Contexts, referenced Controller Services, and referenced Parameter Providers, when creating new Process Groups. Creating a new Process Group can include binding to a Parameter Context, but in cases where the Process Group did not reference any Parameter values, the framework did not check user authorization for the bound Parameter Context. Missing authorization for a bound Parameter Context enabled clients to download non-sensitive Parameter values after creating the Process Group.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-56512.yaml"}
 {"ID":"CVE-2024-57045","Info":{"Name":"D-Link DIR-859 - Information Disclosure","Severity":"critical","Description":"A critical information disclosure vulnerability exists in D-Link devices where sensitive device account information including credentials can be retrieved by sending an unauthenticated request to `/getcfg.php` endpoint with the parameter `SERVICES=DEVICE.ACCOUNT`. This could allow attackers to obtain administrative credentials and gain full control of the affected device.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-57045.yaml"}
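Review bot: The added CVE-2024-56159 record's Description is a single comma-spliced sentence whose closing clause "exploit requires sourcemaps to be enabled" restates the "with sourcemaps enabled" condition already given at the start, so the precondition reads as an afterthought rather than the scoping statement it is. A clearer form keeps the same facts and puts the precondition first: `"Astro v5.0.3 through v5.0.7 and v4.16.17 or older, when built with sourcemaps enabled, expose sourcemap files in the public build output, allowing unauthenticated users to read server source code. Exploitation requires sourcemaps to be enabled.\n"`. Since cves.json appears to be an index generated from the templates it points at (each record carries a file_path), the wording should be corrected in http/cves/2024/CVE-2024-56159.yaml and this file regenerated, otherwise the next regeneration will revert a hand edit here.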
diff --git a/cves.json-checksum.txt b/cves.json-checksum.txt
index 7b3e969894a..512f9ed16fa 100644
--- a/cves.json-checksum.txt
+++ b/cves.json-checksum.txt
@@ -1 +1 @@
-07f333351e38d38343748cef624759e8
+7f9c80d52c13c56e8aba2faa7836c30e