diff --git a/.bundler-audit.yml b/.bundler-audit.yml
new file mode 100644
index 0000000..6704ea5
--- /dev/null
+++ b/.bundler-audit.yml
@@ -0,0 +1,3 @@
+---
+ignore:
+  - CVE-2024-27456 # https://github.com/advisories/GHSA-785g-282q-pwvx (packaging issue with rack-cors)