diff --git a/crates/flatbuffers/RUSTSEC-2021-0122.md b/crates/flatbuffers/RUSTSEC-2021-0122.md index c56e594..ecce190 100644 --- a/crates/flatbuffers/RUSTSEC-2021-0122.md +++ b/crates/flatbuffers/RUSTSEC-2021-0122.md @@ -15,6 +15,10 @@ patched = [] Code generated by flatbuffers' compiler is `unsafe` but not marked as such. See https://github.com/google/flatbuffers/issues/6627 for details. +For example, if generated code is used to decode malformed or untrusted input +undefined behavior (and thus security vulnerabilities) are possible even without +the use of the `unsafe` keyword, [violating the the meaning of `safe`](https://doc.rust-lang.org/std/keyword.unsafe.html#the-different-meanings-of-unsafe) code; + All users that use generated code by `flatbuffers` compiler are recommended to: 1. not expose flatbuffer generated code as part of their public APIs 2. audit their code and look for any usage of `follow`, `push`, or any method that uses them
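Review bot: the added paragraph has a doubled word and a stray terminator. "[violating the the meaning of `safe`]" should read "[violating the meaning of `safe`]", and the sentence currently ends with a semicolon before the blank line; end it with a period so the following "All users..." paragraph does not read as a continuation. A comma after "untrusted input" would also help, since "undefined behavior" otherwise reads as the object of "decode": "if generated code is used to decode malformed or untrusted input, undefined behavior (and thus security vulnerabilities) is possible even without the use of the `unsafe` keyword, [violating the meaning of `safe`](https://doc.rust-lang.org/std/keyword.unsafe.html#the-different-meanings-of-unsafe) code." ("is possible" agrees with the singular subject "undefined behavior".) Otherwise the example is a useful addition: it ties the unmarked-`unsafe` finding to the concrete consequence for consumers of untrusted flatbuffers, which is what the mitigation list below is reacting to.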