diff --git a/changelog/security/2023-08-24-grub.md b/changelog/security/2023-08-24-grub.md
new file mode 100644
index 0000000000..08b87f51b9
--- /dev/null
+++ b/changelog/security/2023-08-24-grub.md
@@ -0,0 +1 @@
+- grub ([CVE-2020-10713](https://nvd.nist.gov/vuln/detail/CVE-2020-10713), [CVE-2020-14372](https://nvd.nist.gov/vuln/detail/CVE-2020-14372), [CVE-2020-25632](https://nvd.nist.gov/vuln/detail/CVE-2020-25632), [CVE-2020-25647](https://nvd.nist.gov/vuln/detail/CVE-2020-25647), [CVE-2020-27749](https://nvd.nist.gov/vuln/detail/CVE-2020-27749), [CVE-2020-27779](https://nvd.nist.gov/vuln/detail/CVE-2020-27779), [CVE-2021-20225](https://nvd.nist.gov/vuln/detail/CVE-2021-20225), [CVE-2021-20233](https://nvd.nist.gov/vuln/detail/CVE-2021-20233), [CVE-2021-3981](https://nvd.nist.gov/vuln/detail/CVE-2021-3981), [CVE-2021-3695](https://nvd.nist.gov/vuln/detail/CVE-2021-3695), [CVE-2021-3696](https://nvd.nist.gov/vuln/detail/CVE-2021-3696), [CVE-2021-3697](https://nvd.nist.gov/vuln/detail/CVE-2021-3697), [CVE-2022-28733](https://nvd.nist.gov/vuln/detail/CVE-2022-28733), [CVE-2022-28734](https://nvd.nist.gov/vuln/detail/CVE-2022-28734), [CVE-2022-28735](https://nvd.nist.gov/vuln/detail/CVE-2022-28735), [CVE-2022-28736](https://nvd.nist.gov/vuln/detail/CVE-2022-28736), [CVE-2022-28737](https://nvd.nist.gov/vuln/detail/CVE-2022-28737), [CVE-2022-2601](https://nvd.nist.gov/vuln/detail/CVE-2022-2601), [CVE-2022-3775](https://nvd.nist.gov/vuln/detail/CVE-2022-3775))
diff --git a/changelog/updates/2023-08-24-grub.md b/changelog/updates/2023-08-24-grub.md
new file mode 100644
index 0000000000..87ba72b812
--- /dev/null
+++ b/changelog/updates/2023-08-24-grub.md
@@ -0,0 +1 @@
+- grub ([2.06](https://lists.gnu.org/archive/html/grub-devel/2021-06/msg00022.html))