diff --git a/www/posts/2019/09/version-1-6-6-released.md b/www/posts/2019/09/version-1-6-6-released.md index 7f479154..d00c076e 100644 --- a/www/posts/2019/09/version-1-6-6-released.md +++ b/www/posts/2019/09/version-1-6-6-released.md @@ -13,16 +13,17 @@ Mosquitto 1.6.6 and 1.5.9 have been released to address two security vulnerabili Titles and links will be updated once the CVE numbers are assigned. -# CVE-xxxx-xxxxx +# CVE-2019-11779 -A vulnerability exists in Mosquitto versions 1.5 to 1.6.5 inclusive. +A vulnerability exists in Mosquitto versions 1.5 to 1.6.5 inclusive, known as +[CVE-2019-11779]. If a client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. the topic hierarchy separator, then a stack overflow will occur. The issue is fixed in Mosquitto 1.6.6 and 1.5.9. Patches for older versions are -available at +available at The fix addresses the problem by restricting the allowed number of topic hierarchy levels to 200. An alternative fix is to increase the size of the @@ -39,7 +40,7 @@ interval is set longer than the session expiry interval, then a use after free error occurs, which has the potential to cause a crash in some situations. The issue is fixed in Mosquitto 1.6.5. Patches for older versions are available -at +at # Version 1.6.6 Changes @@ -57,5 +58,6 @@ The complete list of fixes addressed in version 1.6.6 is: not exist. Closes [#1414]. [CVE-2019-11778]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11778 +[CVE-2019-11779]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11779 [#1412]: https://github.com/eclipse/mosquitto/issues/1412 [#1414]: https://github.com/eclipse/mosquitto/issues/1414
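Review bot: in the first hunk (@@ -13,16 +13,17 @@), the unchanged context line "Titles and links will be updated once the CVE numbers are assigned." is now stale: this change fills in CVE-2019-11779 and the other vulnerability already carries CVE-2019-11778, so both numbers are assigned and the sentence should be dropped or reworded in the same commit. Also, the only other change in this hunk is on the "available at" line, whose new link target does not appear in the hunk as shown here, so the patch location for the older versions cannot be checked from the diff alone; please confirm the new URL in the rendered page.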
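Review bot: in the second hunk (@@ -39,7 +40,7 @@), the "-at" / "+at" pair is the only change and the replaced link target is not visible in the hunk, so the reviewer cannot verify where the patches for older versions now point. Separately, the unchanged context line "The issue is fixed in Mosquitto 1.6.5." sits in a post whose opening sentence says 1.6.6 and 1.5.9 were released to address both vulnerabilities; if the use-after-free fix shipped in 1.6.6, this version number should be corrected while the section is being touched.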