diff --git a/README.md b/README.md
index 67e2155..63389bc 100644
--- a/README.md
+++ b/README.md
@@ -263,6 +263,7 @@ For convenience, a web front-end on top of the command-line tool is available at
  - Added built-in policy for OpenSSH 10.0.
  - Added hardening guides and policies for Debian 13.
  - Added 2 new key exchanges: `mlkem768nistp256-sha256`, `mlkem1024nistp384-sha384`.
+ - Added 1 new host key: `webauthn-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com`.
  - Added 2 new ciphers: `AEAD_CAMELLIA_128_GCM`, `AEAD_CAMELLIA_256_GCM`.
 
 ### v3.3.0 (2024-10-15)
diff --git a/src/ssh_audit/ssh2_kexdb.py b/src/ssh_audit/ssh2_kexdb.py
index 0df24fd..630b042 100644
--- a/src/ssh_audit/ssh2_kexdb.py
+++ b/src/ssh_audit/ssh2_kexdb.py
@@ -1,7 +1,7 @@
 """
  The MIT License (MIT)
 
- Copyright (C) 2017-2025 Joe Testa (jtesta@positronsecurity.com)
+ Copyright (C) 2017-2026 Joe Testa (jtesta@positronsecurity.com)
  Copyright (C) 2017 Andris Raugulis (moo@arthepsy.eu)
 
  Permission is hereby granted, free of charge, to any person obtaining a copy
@@ -272,6 +272,7 @@ class SSH2_KexDB: # pylint: disable=too-few-public-methods
  'ssh-xmss-cert-v01@openssh.com': [['7.7'], [WARN_EXPERIMENTAL]],
  'ssh-xmss@openssh.com': [['7.7'], [WARN_EXPERIMENTAL]],
  'webauthn-sk-ecdsa-sha2-nistp256@openssh.com': [['8.3'], [FAIL_NSA_BACKDOORED_CURVE]],
+ 'webauthn-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com': [['10.3'], [FAIL_NSA_BACKDOORED_CURVE]],
  'x509v3-ecdsa-sha2-1.3.132.0.10': [[], [FAIL_UNKNOWN]],
  'x509v3-ecdsa-sha2-nistp256': [[], [FAIL_NSA_BACKDOORED_CURVE]],
  'x509v3-ecdsa-sha2-nistp384': [[], [FAIL_NSA_BACKDOORED_CURVE]],
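Review bot: In the `ssh2_kexdb.py` hunk at line 272, the new `'webauthn-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com'` entry sits after the plain `'webauthn-sk-ecdsa-sha2-nistp256@openssh.com'` key, but the neighbouring pair in the same hunk lists the certificate variant first (`'ssh-xmss-cert-v01@openssh.com'` before `'ssh-xmss@openssh.com'`). That is also plain ASCII order, since `-` sorts before `@`. Moving the added line one row up keeps the table sorted. This matters because a repeated key in a Python dict literal silently overrides the earlier one, and a sorted table makes a duplicate or a missing `-cert-v01` sibling easy to spot in review. The dictionary and its class start and end outside the hunk, so the ordering of the rest of the table is assumed from the visible lines.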