diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7461163a..664a9d6b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,6 +9,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Added helm upgrade feature into helm test
 
 ## fixed
+- Handled UrnSyntaxException.
 
 ## 0.2.14
 ### Added
diff --git a/SECURITY.md b/SECURITY.md
index 1c3f1692..f9e8c992 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -1,6 +1,17 @@
-# Security Policy
-
 ## Reporting a Vulnerability
 
-Please report a found vulnerability here:
-[https://www.eclipse.org/security/](https://www.eclipse.org/security/)
+Please do **not** report security vulnerabilities through public GitHub issues.
+
+Please report vulnerabilities to this repository via **GitHub security advisories** instead.
+
+How? Inside affected repository → security tab
+
+for contributor:  
+→ Report a vulnerability
+
+for committer:  
+→ advisories → New draft security advisory
+
+In severe cases, you can also report a found vulnerability via mail or eclipse issue here: https://www.eclipse.org/security/
+
+See [Eclipse Foundation Vulnerability Reporting Policy](https://www.eclipse.org/projects/handbook/#vulnerability)
\ No newline at end of file
diff --git a/backend/src/main/java/org/eclipse/tractusx/semantics/ApiExceptionHandler.java b/backend/src/main/java/org/eclipse/tractusx/semantics/ApiExceptionHandler.java
index 3a600e75..1802ed18 100644
--- a/backend/src/main/java/org/eclipse/tractusx/semantics/ApiExceptionHandler.java
+++ b/backend/src/main/java/org/eclipse/tractusx/semantics/ApiExceptionHandler.java
@@ -24,6 +24,14 @@
 import java.util.Map;
 import java.util.stream.Collectors;
 
+import org.eclipse.esmf.aspectmodel.urn.UrnSyntaxException;
+import org.eclipse.tractusx.semantics.hub.AspectModelNotFoundException;
+import org.eclipse.tractusx.semantics.hub.EntityNotFoundException;
+import org.eclipse.tractusx.semantics.hub.InvalidAspectModelException;
+import org.eclipse.tractusx.semantics.hub.InvalidStateTransitionException;
+import org.eclipse.tractusx.semantics.hub.ModelPackageNotFoundException;
+import org.eclipse.tractusx.semantics.hub.model.Error;
+import org.eclipse.tractusx.semantics.hub.model.ErrorResponse;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
@@ -35,14 +43,6 @@
 import org.springframework.web.context.request.WebRequest;
 import org.springframework.web.method.annotation.MethodArgumentConversionNotSupportedException;
 import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
-import org.eclipse.tractusx.semantics.hub.AspectModelNotFoundException;
-import org.eclipse.tractusx.semantics.hub.EntityNotFoundException;
-import org.eclipse.tractusx.semantics.hub.InvalidAspectModelException;
-import org.eclipse.tractusx.semantics.hub.InvalidStateTransitionException;
-
-import org.eclipse.tractusx.semantics.hub.ModelPackageNotFoundException;
-import org.eclipse.tractusx.semantics.hub.model.Error;
-import org.eclipse.tractusx.semantics.hub.model.ErrorResponse;
 
 import jakarta.servlet.http.HttpServletRequest;
 
@@ -124,4 +124,12 @@ public ResponseEntity<ErrorResponse> handleInvalidStateTransitionException( fina
                         .path( request.getRequestURI() ) ), HttpStatus.BAD_REQUEST );
     }
 
+   @ExceptionHandler( { UrnSyntaxException.class } )
+   public ResponseEntity<ErrorResponse> handleInvalidStateTransitionException( final HttpServletRequest request, final UrnSyntaxException exception ) {
+      return new ResponseEntity<>( new ErrorResponse()
+            .error( new Error()
+                  .message( exception.getMessage() )
+                  .path( request.getRequestURI() ) ), HttpStatus.BAD_REQUEST );
+   }
+
 }
diff --git a/backend/src/test/java/org/eclipse/tractusx/semantics/hub/ModelsApiTest.java b/backend/src/test/java/org/eclipse/tractusx/semantics/hub/ModelsApiTest.java
index 0f324147..6295b224 100644
--- a/backend/src/test/java/org/eclipse/tractusx/semantics/hub/ModelsApiTest.java
+++ b/backend/src/test/java/org/eclipse/tractusx/semantics/hub/ModelsApiTest.java
@@ -923,4 +923,15 @@ public void testDependentModelBAMM() throws Exception {
    private static String toMovementUrn(String urn){
       return urn + "Movement";
    }
+
+   @Test
+   public void testGetModelByURNWithInvalidURN() throws Exception {
+      String urnPrefix = "urn:invalid";
+      mvc.perform( MockMvcRequestBuilders.get( "/api/v1/models/{urn}", urnPrefix ).with( jwtTokenFactory.allRoles() ) )
+            .andDo( MockMvcResultHandlers.print() )
+            .andExpect( status().isBadRequest() )
+            .andExpect( jsonPath( "$.error.message", is(
+                  "The URN must consist of at least 5 sections adhering to the following schema: "
+                        + "urn:samm:<organisation>:<optional>:<version>:<model-name>." ) ) );
+   }
 }
\ No newline at end of file