diff --git a/README.md b/README.md
index e41b879..e01d3ed 100644
--- a/README.md
+++ b/README.md
@@ -252,6 +252,7 @@
   * Apache Airflow 示例DAG中的命令注入 CVE-2020-11978
   * Apache Airflow 远程代码执行漏洞 CVE-2022-40127
   * Apache Airflow 默认密钥导致的权限绕过 CVE-2020-17526
+  * Apache HertzBeat SnakeYaml 反序列化远程代码执行漏洞 CVE-2024-42323
   * Apache Superset SECRET_KEY 未授权访问漏洞 CVE-2023-27524
   * Apache Unomi 远程表达式代码执行漏洞 CVE-2020-13942
   * Apache Zeppelin 未授权任意命令执行漏洞
@@ -308,6 +309,7 @@
   * F5 BIG-IP iControl REST身份认证绕过漏洞 CVE-2022-1388
   * F5 BIG-IP 远程代码执行漏洞 CVE-2020-5902
   * F5 BIG-IP 远程代码执行漏洞 CVE-2021-22986
+  * FFmpeg AVI 任意文件读取漏洞 CVE-2017-9993
   * FFmpeg 任意文件读取漏洞SSRF漏洞 CVE-2016-1897+CVE-2016-1898
   * Fhem FileLog_logWrapper 任意文件读取漏洞 CVE-2020-19360
   * Franklin Fueling Systems tsaupload.cgi 任意文件读取漏洞 CVE-2021-46417
@@ -359,6 +361,7 @@
   * JumpServer 未授权接口 远程命令执行漏洞
   * JumpServer 远程代码执行漏洞 CVE-2024-29201&CVE-2024-29202
   * Jupyter Notebook 未授权访问远程命令执行漏洞
+  * Kibana 7.6.2 upgrade-assistant-telemetry 原型污染导致远程代码执行 CVE-2020-7012
   * Kibana 原型链污染导致任意代码执行漏洞 CVE-2019-7609
   * Kibana 本地文件包含漏洞 CVE-2018-17246
   * kkFileView getCorsFile 任意文件读取漏洞 CVE-2021-43734
diff --git a/base/grafana/11.0.0/Dockerfile b/base/grafana/11.0.0/Dockerfile
new file mode 100644
index 0000000..17e74d6
--- /dev/null
+++ b/base/grafana/11.0.0/Dockerfile
@@ -0,0 +1,14 @@
+FROM grafana/grafana:11.0.0-ubuntu
+
+USER root
+
+# Install DuckDB
+COPY duckdb_cli-linux-amd64.zip /tmp/
+
+RUN apt-get update && apt-get install -y && apt-get install unzip -y
+    && unzip /tmp/duckdb_cli-linux-amd64.zip -d /usr/local/bin/ \
+    && chmod +x /usr/local/bin/duckdb \
+    && rm /tmp/duckdb_cli-linux-amd64.zip
+
+# Add DuckDB to the PATH
+ENV PATH="/usr/local/bin:${PATH}"
\ No newline at end of file
diff --git a/base/grafana/11.0.0/docker-compose.yml b/base/grafana/11.0.0/docker-compose.yml
new file mode 100644
index 0000000..e34cfeb
--- /dev/null
+++ b/base/grafana/11.0.0/docker-compose.yml
@@ -0,0 +1,40 @@
+services:
+  mysql:
+    image: mysql:latest
+    restart: always
+    environment:
+      - MYSQL_ROOT_PASSWORD=rootpassword
+      - MYSQL_DATABASE=grafanadb
+      - MYSQL_USER=grafana
+      - MYSQL_PASSWORD=grafanapassword
+    volumes:
+      - ./mysql-data:/var/lib/mysql
+    ports:
+      - "3306:3306"
+    healthcheck:
+      test: ["CMD", "mysqladmin", "ping", "-h", "localhost"]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+  
+  grafana:
+    build: .
+    ports:
+      - "3000:3000"
+    environment:
+      - GF_SECURITY_ADMIN_PASSWORD=AwesomePoc123!
+      - GF_DATABASE_TYPE=mysql
+      - GF_DATABASE_HOST=mysql:3306
+      - GF_DATABASE_USER=grafana
+      - GF_DATABASE_PASSWORD=grafanapassword
+      - GF_DATABASE_NAME=grafanadb
+    volumes:
+      - grafana-storage:/var/lib/grafana
+      - ./grafana.ini:/etc/grafana/grafana.ini
+
+    depends_on:
+        mysql:
+         condition: service_healthy  
+volumes:
+  grafana-storage:
+  mysql-storage:
\ No newline at end of file