diff --git a/_posts/2023-09-28-security-advisory-2023-0009.md b/_posts/2023-09-28-security-advisory-2023-0009.md
new file mode 100644
index 000000000..1d78c6129
--- /dev/null
+++ b/_posts/2023-09-28-security-advisory-2023-0009.md
@@ -0,0 +1,74 @@
+---
+layout: post
+title: WebKitGTK and WPE WebKit Security Advisory WSA-2023-0009
+permalink: /security/WSA-2023-0009.html
+tags: WSA
+---
+
+* Date Reported: **September 28, 2023**
+
+* Advisory ID: **WSA-2023-0009**
+
+* CVE identifiers: [CVE-2023-39928](#CVE-2023-39928), [CVE-2023-35074](#CVE-2023-35074),
+ [CVE-2023-39434](#CVE-2023-39434), [CVE-2023-40451](#CVE-2023-40451),
+ [CVE-2023-41074](#CVE-2023-41074), [CVE-2023-41993](#CVE-2023-41993).
+
+
+Several vulnerabilities were discovered in WebKitGTK and WPE WebKit.
+
+* CVE-2023-39928
+ * Versions affected: WebKitGTK and WPE WebKit before 2.42.0.
+ * Credit to Marcin 'Icewall' Noga of Cisco Talos.
+ * A use-after-free vulnerability exists in the MediaRecorder API of
+ the WebKit GStreamer-based ports (WebKitGTK and WPE WebKit). A
+ specially crafted web page can abuse this vulnerability to cause
+ memory corruption and potentially arbitrary code execution. A user
+ would need to to visit a malicious webpage to trigger this
+ vulnerability. WebKit Bugzilla: 260649.
+
+* CVE-2023-35074
+ * Versions affected: WebKitGTK and WPE WebKit before 2.40.0.
+ * Credit to Abysslab Dong Jun Kim(@smlijun) and Jong Seong
+ Kim(@nevul37).
+ * Impact: Processing web content may lead to arbitrary code execution.
+ Description: The issue was addressed with improved memory handling.
+
+* CVE-2023-39434
+ * Versions affected: WebKitGTK and WPE WebKit before 2.40.5.
+ * Credit to Francisco Alonso (@revskills), and Dohyun Lee (@l33d0hyun)
+ of PK Security.
+ * Impact: Processing web content may lead to arbitrary code execution.
+ Description: A use-after-free issue was addressed with improved
+ memory management.
+
+* CVE-2023-40451
+ * Versions affected: WebKitGTK and WPE WebKit before 2.40.5.
+ * Credit to an anonymous researcher.
+ * Impact: An attacker with JavaScript execution may be able to execute
+ arbitrary code. Description: This issue was addressed with improved
+ iframe sandbox enforcement.
+
+* CVE-2023-41074
+ * Versions affected: WebKitGTK and WPE WebKit before 2.42.0.
+ * Credit to 이준성(Junsung Lee) of Cross Republic and me Li.
+ * Impact: Processing web content may lead to arbitrary code execution.
+ Description: The issue was addressed with improved checks.
+
+* CVE-2023-41993
+ * Versions affected: WebKitGTK and WPE WebKit before 2.42.1.
+ * Credit to Bill Marczak of The Citizen Lab at The University of
+ Toronto's Munk School and Maddie Stone of Google's Threat Analysis
+ Group.
+ * Impact: Processing web content may lead to arbitrary code execution.
+ Apple is aware of a report that this issue may have been actively
+ exploited. Description: The issue was addressed with improved
+ checks.
+
+
+We recommend updating to the latest stable versions of WebKitGTK and WPE
+WebKit. It is the best way to ensure that you are running safe versions
+of WebKit. Please check our websites for information about the latest
+stable releases.
+
+Further information about WebKitGTK and WPE WebKit security advisories can be found at:
+[https://webkitgtk.org/security.html](https://webkitgtk.org/security.html) or [https://wpewebkit.org/security/](https://wpewebkit.org/security/).