diff --git a/changelog/security/2025-11-05-weekly-updates.md b/changelog/security/2025-11-05-weekly-updates.md
new file mode 100644
index 0000000000..21ce25c327
--- /dev/null
+++ b/changelog/security/2025-11-05-weekly-updates.md
@@ -0,0 +1,2 @@
+- coreutils ([CVE-2025-5278](https://www.cve.org/CVERecord?id=CVE-2025-5278))
+- go ([CVE-2025-47912](https://www.cve.org/CVERecord?id=CVE-2025-47912), [CVE-2025-58183](https://www.cve.org/CVERecord?id=CVE-2025-58183), [CVE-2025-58185](https://www.cve.org/CVERecord?id=CVE-2025-58185), [CVE-2025-58186](https://www.cve.org/CVERecord?id=CVE-2025-58186), [CVE-2025-58187](https://www.cve.org/CVERecord?id=CVE-2025-58187), [CVE-2025-58188](https://www.cve.org/CVERecord?id=CVE-2025-58188), [CVE-2025-58189](https://www.cve.org/CVERecord?id=CVE-2025-58189), [CVE-2025-61723](https://www.cve.org/CVERecord?id=CVE-2025-61723), [CVE-2025-61724](https://www.cve.org/CVERecord?id=CVE-2025-61724), [CVE-2025-61725](https://www.cve.org/CVERecord?id=CVE-2025-61725))
diff --git a/changelog/updates/2025-11-05-weekly-updates.md b/changelog/updates/2025-11-05-weekly-updates.md
new file mode 100644
index 0000000000..1a696f5ccc
--- /dev/null
+++ b/changelog/updates/2025-11-05-weekly-updates.md
@@ -0,0 +1,19 @@
+- SDK: cmake ([4.1.2](https://cmake.org/cmake/help/v4.1/release/4.1.html#id22) (includes [4.1.1](https://cmake.org/cmake/help/v4.1/release/4.1.html#id21), [4.1](https://cmake.org/cmake/help/v4.1/release/4.1.html), [4.0](https://cmake.org/cmake/help/v4.0/release/4.0.html)))
+- SDK: go ([1.25.3](https://go.dev/doc/devel/release#go1.25.minor))
+- base, dev: btrfs-progs ([6.17](https://github.com/kdave/btrfs-progs/releases/tag/v6.17))
+- base, dev: cifs-utils ([7.4](https://lwn.net/Articles/1024956/))
+- base, dev: coreutils ([9.8](https://lists.gnu.org/archive/html/info-gnu/2025-09/msg00005.html))
+- base, dev: hwdata ([0.399](https://github.com/vcrhonek/hwdata/releases/tag/v0.399))
+- base, dev: inih ([62](https://github.com/benhoyt/inih/releases/tag/r62) (includes [61](https://github.com/benhoyt/inih/releases/tag/r61)))
+- base, dev: iproute2 ([6.17.0](https://lore.kernel.org/all/20250929095042.48200315@hermes.local/))
+- base, dev: kbd ([2.9.0](https://github.com/legionus/kbd/releases/tag/v2.9.0))
+- base, dev: libtirpc ([1.3.7](https://git.linux-nfs.org/?p=steved/libtirpc.git;a=log;h=refs/tags/libtirpc-1-3-7))
+- base, dev: samba ([4.22.5](https://www.samba.org/samba/history/samba-4.22.5.html) (includes [4.22.4](https://www.samba.org/samba/history/samba-4.22.4.html)))
+- base, dev: strace ([6.17](https://github.com/strace/strace/releases/tag/v6.17))
+- base, dev: util-linux ([2.41.2](https://github.com/util-linux/util-linux/blob/v2.41.2/Documentation/releases/v2.41.2-ReleaseNotes))
+- dev: portage ([3.0.69.3](https://gitweb.gentoo.org/proj/portage.git/tree/NEWS?h=portage-3.0.69.3) (includes [3.0.69.2](https://gitweb.gentoo.org/proj/portage.git/tree/NEWS?h=portage-3.0.69.2), [3.0.69.1](https://gitweb.gentoo.org/proj/portage.git/tree/NEWS?h=portage-3.0.69.1), [3.0.69](https://gitweb.gentoo.org/proj/portage.git/tree/NEWS?h=portage-3.0.69)))
+- sysext-overlaybd: overlaybd ([1.0.16](https://github.com/containerd/overlaybd/releases/tag/v1.0.16))
+- sysext-podman: netavark ([1.16.1](https://github.com/containers/netavark/releases/tag/v1.16.1) (includes [1.16.0](https://github.com/containers/netavark/releases/tag/v1.16.0)))
+- sysext-python: more-itertools ([10.8.0](https://github.com/more-itertools/more-itertools/releases/tag/v10.8.0))
+- sysext-python: setuptools-scm ([9.2.0](https://github.com/pypa/setuptools-scm/releases/tag/v9.2.0) (includes [9.1.0](https://github.com/pypa/setuptools-scm/releases/tag/v9.1.0), [9.0.0](https://github.com/pypa/setuptools-scm/releases/tag/v9.0.0)))
+- sysext-python: trove-classifiers ([2025.9.11.17](https://github.com/pypa/trove-classifiers/releases/tag/2025.9.11.17) (includes (2025.9.9.12)[https://github.com/pypa/trove-classifiers/releases/tag/2025.9.9.12], [2025.9.8.13](https://github.com/pypa/trove-classifiers/releases/tag/2025.9.8.13)))