diff --git a/doc/api/crypto.md b/doc/api/crypto.md
index 2ff934c81fe7d5..f47a323ea386ea 100644
--- a/doc/api/crypto.md
+++ b/doc/api/crypto.md
@@ -1185,15 +1185,20 @@ const dh = createDiffieHellmanGroup('modp16');
 
 The following groups are supported:
 
-* `'modp1'` (768 bits, [RFC 2409][] Section 6.1)
-* `'modp2'` (1024 bits, [RFC 2409][] Section 6.2)
-* `'modp5'` (1536 bits, [RFC 3526][] Section 2)
 * `'modp14'` (2048 bits, [RFC 3526][] Section 3)
 * `'modp15'` (3072 bits, [RFC 3526][] Section 4)
 * `'modp16'` (4096 bits, [RFC 3526][] Section 5)
 * `'modp17'` (6144 bits, [RFC 3526][] Section 6)
 * `'modp18'` (8192 bits, [RFC 3526][] Section 7)
 
+The following groups are still supported but deprecated (see [Caveats][]):
+
+* `'modp1'` (768 bits, [RFC 2409][] Section 6.1) <span class="deprecated-inline"></span>
+* `'modp2'` (1024 bits, [RFC 2409][] Section 6.2) <span class="deprecated-inline"></span>
+* `'modp5'` (1536 bits, [RFC 3526][] Section 2) <span class="deprecated-inline"></span>
+
+These deprecated groups might be removed in future versions of Node.js.
+
 ## Class: `ECDH`
 
 <!-- YAML
diff --git a/doc/api/deprecations.md b/doc/api/deprecations.md
index bb0549d7ab4cea..33168decdb796a 100644
--- a/doc/api/deprecations.md
+++ b/doc/api/deprecations.md
@@ -3199,9 +3199,28 @@ Package imports and exports targets mapping into paths including a double slash
 error in a future release. This same deprecation also applies to pattern matches
 starting or ending in a slash.
 
+### DEP0167: Weak `DiffieHellmanGroup` instances (`modp1`, `modp2`, `modp5`)
+
+<!-- YAML
+changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/44588
+    description: Documentation-only deprecation.
+-->
+
+Type: Documentation-only
+
+The well-known MODP groups `modp1`, `modp2`, and `modp5` are deprecated because
+they are not secure against practical attacks. See [RFC 8247 Section 2.4][] for
+details.
+
+These groups might be removed in future versions of Node.js. Applications that
+rely on these groups should evaluate using stronger MODP groups instead.
+
 [Legacy URL API]: url.md#legacy-url-api
 [NIST SP 800-38D]: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf
 [RFC 6066]: https://tools.ietf.org/html/rfc6066#section-3
+[RFC 8247 Section 2.4]: https://www.rfc-editor.org/rfc/rfc8247#section-2.4
 [WHATWG URL API]: url.md#the-whatwg-url-api
 [`"exports"` or `"main"` entry]: packages.md#main-entry-point-export
 [`--pending-deprecation`]: cli.md#--pending-deprecation
diff --git a/doc/api_assets/style.css b/doc/api_assets/style.css
index acab9bfa04858e..4bff9e3299f25f 100644
--- a/doc/api_assets/style.css
+++ b/doc/api_assets/style.css
@@ -598,7 +598,8 @@ hr {
   padding-left: 5rem;
 }
 
-#toc .stability_0::after {
+#toc .stability_0::after,
+.deprecated-inline::after {
   background-color: var(--red2);
   color: var(--white);
   content: "deprecated";