diff --git a/2022/3xxx/CVE-2022-3926.json b/2022/3xxx/CVE-2022-3926.json
new file mode 100644
index 00000000000..bbee7aaaba5
--- /dev/null
+++ b/2022/3xxx/CVE-2022-3926.json
@@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2022-3926",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
\ No newline at end of file
diff --git a/2022/40xxx/CVE-2022-40149.json b/2022/40xxx/CVE-2022-40149.json
index 18f10be5472..c346b1f3e29 100644
--- a/2022/40xxx/CVE-2022-40149.json
+++ b/2022/40xxx/CVE-2022-40149.json
@@ -82,6 +82,11 @@
                 "refsource": "MISC",
                 "url": "https://github.com/jettison-json/jettison/issues/45",
                 "name": "https://github.com/jettison-json/jettison/issues/45"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[debian-lts-announce] 20221110 [SECURITY] [DLA 3184-1] libjettison-java security update",
+                "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00011.html"
             }
         ]
     },