diff --git a/changelog/security/2026-03-04-weekly-updates.md b/changelog/security/2026-03-04-weekly-updates.md
new file mode 100644
index 0000000000..9b5905e7b7
--- /dev/null
+++ b/changelog/security/2026-03-04-weekly-updates.md
@@ -0,0 +1,17 @@
+- c-ares ([CVE-2025-62408](https://www.cve.org/CVERecord?id=CVE-2025-62408))
+- curl ([CVE-2025-13034](https://www.cve.org/CVERecord?id=CVE-2025-13034), [CVE-2025-14017](https://www.cve.org/CVERecord?id=CVE-2025-14017), [CVE-2025-14524](https://www.cve.org/CVERecord?id=CVE-2025-14524), [CVE-2025-14819](https://www.cve.org/CVERecord?id=CVE-2025-14819), [CVE-2025-15079](https://www.cve.org/CVERecord?id=CVE-2025-15079), [CVE-2025-15224](https://www.cve.org/CVERecord?id=CVE-2025-15224))
+- expat ([CVE-2026-24515](https://www.cve.org/CVERecord?id=CVE-2026-24515), [CVE-2026-25210](https://www.cve.org/CVERecord?id=CVE-2026-25210))
+- glib ([CVE-2025-13601](https://www.cve.org/CVERecord?id=CVE-2025-13601), [CVE-2025-14087](https://www.cve.org/CVERecord?id=CVE-2025-14087))
+- glibc ([CVE-2026-0861](https://www.cve.org/CVERecord?id=CVE-2026-0861), [CVE-2026-0915](https://www.cve.org/CVERecord?id=CVE-2026-0915), [CVE-2025-15281](https://www.cve.org/CVERecord?id=CVE-2025-15281))
+- gnupg ([CVE-2026-24881](https://www.cve.org/CVERecord?id=CVE-2026-24881), [CVE-2026-24882](https://www.cve.org/CVERecord?id=CVE-2026-24882), [CVE-2026-24883](https://www.cve.org/CVERecord?id=CVE-2026-24883))
+- gnutls ([CVE-2025-14831](https://www.cve.org/CVERecord?id=CVE-2025-14831), [CVE-2026-1584](https://www.cve.org/CVERecord?id=CVE-2026-1584))
+- incus ([CVE-2026-23953](https://www.cve.org/CVERecord?id=CVE-2026-23953))
+- intel-microcode ([CVE-2025-31648](https://www.cve.org/CVERecord?id=CVE-2025-31648))
+- libpcap ([CVE-2025-11961](https://www.cve.org/CVERecord?id=CVE-2025-11961), [CVE-2025-11964](https://www.cve.org/CVERecord?id=CVE-2025-11964))
+- libtasn1 ([CVE-2025-13151](https://www.cve.org/CVERecord?id=CVE-2025-13151))
+- libxslt ([CVE-2025-10911](https://www.cve.org/CVERecord?id=CVE-2025-10911), [CVE-2025-11731](https://www.cve.org/CVERecord?id=CVE-2025-9714))
+- nvidia-drivers ([CVE-2025-33219](https://www.cve.org/CVERecord?id=CVE-2025-33219))
+- p11-kit ([CVE-2026-2100](https://www.cve.org/CVERecord?id=CVE-2026-2100))
+- rsync ([CVE-2025-10158](https://www.cve.org/CVERecord?id=CVE-2025-10158))
+- sssd ([CVE-2025-11561](https://www.cve.org/CVERecord?id=CVE-2025-11561))
+- util-linux ([CVE-2025-14104](https://www.cve.org/CVERecord?id=CVE-2025-14104))
diff --git a/changelog/updates/2026-03-04-weekly-updates.md b/changelog/updates/2026-03-04-weekly-updates.md
new file mode 100644
index 0000000000..974d29d701
--- /dev/null
+++ b/changelog/updates/2026-03-04-weekly-updates.md
@@ -0,0 +1,59 @@
+- SDK: catalyst ([4.1.1](https://gitweb.gentoo.org/proj/catalyst.git/log/?h=4.1.1))
+- SDK: gnu-efi ([4.0.4](https://github.com/ncroxon/gnu-efi/releases/tag/4.0.4) (includes [4.0.3](https://github.com/ncroxon/gnu-efi/releases/tag/4.0.3)))
+- SDK: meson ([1.9.2](https://github.com/mesonbuild/meson/commits/1.9.2/))
+- SDK: qemu ([10.2.0](https://wiki.qemu.org/ChangeLog/10.2) (includes [10.1.0](https://wiki.qemu.org/ChangeLog/10.1)))
+- SDK: rust ([1.92.0_p1](https://blog.rust-lang.org/2025/12/11/Rust-1.92.0/))
+- base, dev: c-ares ([1.34.6](https://github.com/c-ares/c-ares/releases/tag/v1.34.6))
+- base, dev: cryptsetup ([2.8.3](https://gitlab.com/cryptsetup/cryptsetup/-/raw/v2.8.3/docs/v2.8.3-ReleaseNotes) (includes [2.8.2](https://gitlab.com/cryptsetup/cryptsetup/-/raw/v2.8.2/docs/v2.8.2-ReleaseNotes)))
+- base, dev: curl ([8.18.0](https://curl.se/ch/8.18.0.html))
+- base, dev: expat ([2.7.4](https://github.com/libexpat/libexpat/blob/R_2_7_4/expat/Changes))
+- base, dev: gentoo-functions ([1.7.6](https://gitweb.gentoo.org/proj/gentoo-functions.git/log/?h=gentoo-functions-1.7.6))
+- base, dev: glibc ([2.42](https://lists.gnu.org/archive/html/info-gnu/2025-07/msg00011.html))
+- base, dev: gnupg ([2.5.17](https://files.gnupg.net/file/data/jiwtprsp56hruiqgobdo/PHID-FILE-xmky7kawpp72qwjjv3ss/NEWS))
+- base, dev: gnutls ([3.8.12](https://lists.gnutls.org/pipermail/gnutls-help/2026-February/004914.html))
+- base, dev: intel-microcode ([20260210_p20260211](https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20260210-rev1))
+- base, dev: iproute2 ([6.18.0](https://www.spinics.net/lists/netdev/msg1142134.html))
+- base, dev: libgpg-error ([1.58](https://raw.githubusercontent.com/gpg/libgpg-error/refs/tags/libgpg-error-1.58/NEWS))
+- base, dev: libpcap ([1.10.6](https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.10.6/CHANGES))
+- base, dev: libsodium ([1.0.21_p20260122](https://github.com/jedisct1/libsodium/releases/tag/1.0.21-RELEASE))
+- base, dev: libtasn1 ([4.21.0](https://lists.gnu.org/archive/html/info-gnu/2026-01/msg00003.html))
+- base, dev: linux-headers ([6.18](https://kernelnewbies.org/Linux_6.18))
+- base, dev: nftables ([1.1.6](https://lwn.net/Articles/1049470/))
+- base, dev: nghttp2 ([1.68.0](https://github.com/nghttp2/nghttp2/releases/tag/v1.68.0) (includes [1.67.1](https://github.com/nghttp2/nghttp2/releases/tag/v1.67.1), [1.67.0](https://github.com/nghttp2/nghttp2/releases/tag/v1.67.0), [1.66.0](https://github.com/nghttp2/nghttp2/releases/tag/v1.66.0)))
+- base, dev: p11-kit ([0.26.2](https://github.com/p11-glue/p11-kit/releases/tag/0.26.2) (includes [0.26.1](https://github.com/p11-glue/p11-kit/releases/tag/0.26.1), [0.26.0](https://github.com/p11-glue/p11-kit/releases/tag/0.26.0), [0.25.10](https://github.com/p11-glue/p11-kit/releases/tag/0.25.10), [0.25.9](https://github.com/p11-glue/p11-kit/releases/tag/0.25.9), [0.25.8](https://github.com/p11-glue/p11-kit/releases/tag/0.25.8), [0.25.7](https://github.com/p11-glue/p11-kit/releases/tag/0.25.7), [0.25.6](https://github.com/p11-glue/p11-kit/releases/tag/0.25.6)))
+- base, dev: pax-utils ([1.3.10](https://gitweb.gentoo.org/proj/pax-utils.git/log/?h=v1.3.10))
+- base, dev: quota ([4.11](https://sourceforge.net/projects/linuxquota/files/quota-tools/4.11/))
+- base, dev: socat ([1.8.1.0](https://repo.or.cz/socat.git/blob/refs/tags/tag-1.8.1.0:/CHANGES))
+- base, dev: sqlite ([3.51.2](https://sqlite.org/releaselog/3_51_2.html))
+- base, dev: sssd ([2.9.8](https://sssd.io/release-notes/sssd-2.9.8.html))
+- base, dev: strace ([6.18](https://github.com/strace/strace/releases/tag/v6.18))
+- base, dev: systemd ([258.3](https://github.com/systemd/systemd/releases/tag/v258))
+- base, dev: tcpdump ([4.99.6](https://raw.githubusercontent.com/the-tcpdump-group/tcpdump/refs/tags/tcpdump-4.99.6/CHANGES))
+- base, dev: timezone-data ([2025c](https://lists.iana.org/hyperkitty/list/tz-announce@iana.org/thread/TAGXKYLMAQRZRFTERQ33CEKOW7KRJVAK/))
+- base, dev: util-linux ([2.41.3](https://raw.githubusercontent.com/util-linux/util-linux/refs/tags/v2.41.3/Documentation/releases/v2.41.3-ReleaseNotes))
+- base, dev: wireguard-tools ([1.0.20250521](https://git.zx2c4.com/wireguard-tools/log/?h=v1.0.20250521))
+- base, dev: xfsprogs ([6.18.0](https://web.git.kernel.org/pub/scm/fs/xfs/xfsprogs-dev.git/plain/doc/CHANGES?h=v6.18.0))
+- base, dev: xz-utils ([5.8.2](https://github.com/tukaani-project/xz/releases/tag/v5.8.2))
+- dev: eselect ([1.4.31](https://gitweb.gentoo.org/proj/eselect.git/plain/NEWS?id=598206e66aa7c08192113249e13f4083a13deeae))
+- dev: gdb ([17.1](https://sourceware.org/pipermail/gdb-announce/2025/000147.html))
+- dev: gentoolkit ([0.7.1](https://gitweb.gentoo.org/proj/gentoolkit.git/log/?h=gentoolkit-0.7.1))
+- dev: iperf ([3.20](https://github.com/esnet/iperf/releases/tag/3.20))
+- dev: portage ([3.0.77](https://codeberg.org/gentoo/portage/raw/tag/portage-3.0.77/NEWS) (includes [3.0.76](https://codeberg.org/gentoo/portage/raw/tag/portage-3.0.76/NEWS), [3.0.75](https://codeberg.org/gentoo/portage/raw/tag/portage-3.0.75/NEWS), [3.0.74](https://codeberg.org/gentoo/portage/raw/tag/portage-3.0.74/NEWS), [3.0.73](https://codeberg.org/gentoo/portage/raw/tag/portage-3.0.73/NEWS)))
+- sysext-containerd: containerd ([2.2.1](https://github.com/containerd/containerd/releases/tag/v2.2.1))
+- sysext-incus, sysext-podman, vmware: fuse ([3.18.1](https://github.com/libfuse/libfuse/releases/tag/fuse-3.18.1) (includes [3.18.0](https://github.com/libfuse/libfuse/releases/tag/fuse-3.18.0)))
+- sysext-nvidia-drivers-535, sysext-nvidia-drivers-535-open: nvidia-drivers ([535.288.01](https://docs.nvidia.com/datacenter/tesla/tesla-release-notes-535-288-01/index.html))
+- sysext-nvidia-drivers-570, sysext-nvidia-drivers-570-open: nvidia-drivers ([570.211.01](https://docs.nvidia.com/datacenter/tesla/tesla-release-notes-570-211-01/index.html))
+- sysext-podman: aardvark-dns ([1.17.0](https://github.com/containers/aardvark-dns/releases/tag/v1.17.0) (includes [1.16.0](https://github.com/containers/aardvark-dns/releases/tag/v1.16.0)))
+- sysext-podman: containers-common ([0.64.2](https://github.com/containers/common/releases/tag/v0.64.2) (includes [0.64.1](https://github.com/containers/common/releases/tag/v0.64.1), [0.64.0](https://github.com/containers/common/releases/tag/v0.64.0)))
+- sysext-podman: containers-image ([5.36.2](https://github.com/containers/image/releases/tag/v5.36.2) (includes [5.36.1](https://github.com/containers/image/releases/tag/v5.36.1), [5.36.0](https://github.com/containers/image/releases/tag/v5.36.0)))
+- sysext-podman: containers-storage ([1.59.1](https://github.com/containers/storage/releases/tag/v1.59.1) (includes [1.59.0](https://github.com/containers/storage/releases/tag/v1.59.0), [1.58.0](https://github.com/containers/storage/releases/tag/v1.58.0)))
+- sysext-podman: fuse-overlayfs ([1.16](https://github.com/containers/fuse-overlayfs/releases/tag/v1.16))
+- sysext-podman: netavark ([1.17.1](https://github.com/containers/netavark/releases/tag/v1.17.1) (includes [1.17.0](https://github.com/containers/netavark/releases/tag/v1.17.0)))
+- sysext-podman: passt ([2025.12.15](https://archives.passt.top/passt-user/20251215183014.758802aa@elisabeth/T/#u))
+- sysext-podman: podman ([5.7.1](https://github.com/containers/podman/releases/tag/v5.7.1))
+- sysext-python: jaraco-context ([6.1.0](https://raw.githubusercontent.com/jaraco/jaraco.context/refs/tags/v6.1.0/NEWS.rst))
+- sysext-python: jaraco-functools ([4.4.0](https://raw.githubusercontent.com/jaraco/jaraco.functools/refs/tags/v4.4.0/NEWS.rst))
+- sysext-python: packaging ([26.0](https://github.com/pypa/packaging/releases/tag/26.0))
+- sysext-python: trove-classifiers ([2026.1.14.14](https://github.com/pypa/trove-classifiers/releases/tag/2026.1.14.14))
+- sysext-python: wheel ([0.46.2](https://github.com/pypa/wheel/releases/tag/0.46.2) (includes [0.46.1](https://github.com/pypa/wheel/releases/tag/0.46.1), [0.46.0](https://github.com/pypa/wheel/releases/tag/0.46.0)))
+- vmware: libxslt ([1.1.45](https://gitlab.gnome.org/GNOME/libxslt/-/releases/v1.1.45))