fixed typo in CVE

Author: dghgit

docs/releasenotes.html

@@ -62,7 +62,7 @@ <h3>2.1.4 Security Fixes</h3>
 <li>CVE-2026-0636 - LDAP Injection Vulnerability in LDAPStoreHelper.java.</li>
 <li>CVE-2026-3505 - Unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion.</li>
 <li>CVE-2026-5588 - PKIX draft CompositeVerifier accepts empty signature sequence as valid.</li>
-<li>CVE-2026-5998 - Non-constant time comparisons risk private key leakage in FrodoKEM.</li>
+<li>CVE-2026-5598 - Non-constant time comparisons risk private key leakage in FrodoKEM.</li>
 </ul>
 <h3>2.1.5 Additional Notes</h3>
 <ul>