diff --git a/yiisoft/yii2/CVE-2024-4990.yaml b/yiisoft/yii2/CVE-2024-4990.yaml
new file mode 100644
index 000000000..b0678fa65
--- /dev/null
+++ b/yiisoft/yii2/CVE-2024-4990.yaml
@@ -0,0 +1,8 @@
+title: Unsafe Reflection in base Component class
+link: https://github.com/yiisoft/yii2/security/advisories/GHSA-cjcc-p67m-7qxm
+cve: CVE-2024-4990
+branches:
+    2.0.49.x:
+        time: 2024-06-04 16:23:00
+        versions: ['<2.0.49.4']
+reference: composer://yiisoft/yii2