GH-5073: added note on CVEs

Signed-off-by: Bart Hanssens <bart.hanssens@bosa.fgov.be>

Author: barthanssens

site/content/release-notes/5.0.1.md

@@ -13,6 +13,11 @@ The following dependencies and/or transitive dependencies have been updated to a
  - Upgraded snappy-java to 1.1.10.5
  - Upgraded netty to 4.1.111
 
+These upgrades fix several issues reported in various CVEs (more details can be found in the RDF4J github [issue list](https://github.com/eclipse-rdf4j/rdf4j/issues?q=is%3Aissue+label%3Asecurity+is%3Aclosed) ).
+While these vulnerabilities may or may not affect the security of RDF4J itself in a real-world environment, 
+users are nevertheless recommended to consider upgrading to the latest version of RDF4J.
+
+
 ### Acknowledgements
 
 This release was made possible by contributions from Florian Kleedorfer, Håvard M. Ottestad, Matthew Nguyen, Bart Hanssens,