diff --git a/CVE-2025-48734.patch b/CVE-2025-48734.patch
new file mode 100644
index 0000000000000000000000000000000000000000..7f160bf2865a5d51dcff2b04b0b18e76fc90e1dd
--- /dev/null
+++ b/CVE-2025-48734.patch
@@ -0,0 +1,98 @@
+From 28ad955a1613ed5885870cc7da52093c1ce739dc Mon Sep 17 00:00:00 2001
+From: Gary Gregory
+Date: Sun, 25 May 2025 09:07:32 -0400
+Subject: [PATCH] Add
+ org.apache.commons.beanutils.SuppressPropertiesBeanIntrospector.SUPPRESS_DECLARING_CLASS
+
+---
+ pom.xml | 11 +-
+ src/changes/changes.xml | 3 +-
+ .../commons/beanutils/PropertyUtilsBean.java | 1 +
+ .../SuppressPropertiesBeanIntrospector.java | 24 ++--
+ .../commons/beanutils/package-info.java | 18 ++-
+ .../apache/commons/beanutils/TestEnum.java | 33 ++++++
+ .../bugs/EnumDeclaringClassTest.java | 108 ++++++++++++++++++
+ 7 files changed, 180 insertions(+), 18 deletions(-)
+ create mode 100644 src/test/java/org/apache/commons/beanutils/TestEnum.java
+ create mode 100644 src/test/java/org/apache/commons/beanutils/bugs/EnumDeclaringClassTest.java
+
+--- a/src/main/java/org/apache/commons/beanutils/PropertyUtilsBean.java
++++ b/src/main/java/org/apache/commons/beanutils/PropertyUtilsBean.java
+@@ -189,6 +189,7 @@ public class PropertyUtilsBean {
+ introspectors.clear();
+ introspectors.add(DefaultBeanIntrospector.INSTANCE);
+ introspectors.add(SuppressPropertiesBeanIntrospector.SUPPRESS_CLASS);
++ introspectors.add(SuppressPropertiesBeanIntrospector.SUPPRESS_DECLARING_CLASS);
+ }
+
+ /**
+--- a/src/main/java/org/apache/commons/beanutils/SuppressPropertiesBeanIntrospector.java
++++ b/src/main/java/org/apache/commons/beanutils/SuppressPropertiesBeanIntrospector.java
+@@ -37,16 +37,24 @@ import java.util.Set;
+ * @since 1.9.2
+ */
+ public class SuppressPropertiesBeanIntrospector implements BeanIntrospector {
++
++ /**
++ * A specialized instance which is configured to suppress the special {@code class} properties of Java beans. Unintended access to the property
++ * {@code class} (which is common to all Java objects) can be a security risk because it also allows access to the class loader.
Adding this instance as
++ * {@code BeanIntrospector} to an instance of {@code PropertyUtilsBean} suppresses the {@code class} property; it can then no longer be accessed.
++ */
++ public static final SuppressPropertiesBeanIntrospector SUPPRESS_CLASS = new SuppressPropertiesBeanIntrospector(Collections.singleton("class"));
++
+ /**
+- * A specialized instance which is configured to suppress the special {@code class}
+- * properties of Java beans. Unintended access to the property {@code class} (which is
+- * common to all Java objects) can be a security risk because it also allows access to
+- * the class loader. Adding this instance as {@code BeanIntrospector} to an instance
+- * of {@code PropertyUtilsBean} suppresses the {@code class} property; it can then no
+- * longer be accessed.
++ * A specialized instance which is configured to suppress the special {@code class} properties of Java beans. Unintended access to the call for
++ * {@code declaringClass} (which is common to all Java {@code enum}) can be a security risk because it also allows access to the class loader. Adding this
++ * instance as {@code BeanIntrospector} to an instance of {@code PropertyUtilsBean} suppresses the {@code class} property; it can then no longer be
++ * accessed.
++ *
++ * @since 1.11.0
+ */
+- public static final SuppressPropertiesBeanIntrospector SUPPRESS_CLASS =
+- new SuppressPropertiesBeanIntrospector(Collections.singleton("class"));
++ public static final SuppressPropertiesBeanIntrospector SUPPRESS_DECLARING_CLASS = new SuppressPropertiesBeanIntrospector(
++ Collections.singleton("declaringClass"));
+
+ /** A set with the names of the properties to be suppressed. */
+ private final Set propertyNames;
+--- a/src/main/java/org/apache/commons/beanutils/package-info.java
++++ b/src/main/java/org/apache/commons/beanutils/package-info.java
+@@ -429,20 +429,26 @@
+ * then be removed if they have been detected by other BeanIntrospector
+ * instances during processing of a bean class.

+ *
+- *

A good use case for suppressing properties is the special class
++ *

A good use case for suppressing properties is the special {@code class}
+ * property which is per default available for all beans; it is generated from the
+- * getClass() method inherited from Object which follows the
++ * {@code getClass()} method inherited from {@code Object} which follows the
+ * naming conventions for property get methods. Exposing this property in an
+ * uncontrolled way can lead to a security vulnerability as it allows access to
+ * the class loader. More information can be found at
+ *
+ * https://issues.apache.org/jira/browse/BEANUTILS-463.

+ *
+- *

Because the class property is undesired in many use cases
+- * there is already an instance of SuppressPropertiesBeanIntrospector
++ *

Because the {@code class} property is undesired in many use cases
++ * there is already an instance of {@code SuppressPropertiesBeanIntrospector}
+ * which is configured to suppress this property. It can be obtained via the
+- * SUPPRESS_CLASS constant of
+- * SuppressPropertiesBeanIntrospector.

++ * {@code SUPPRESS_CLASS} constant of
++ * {@code SuppressPropertiesBeanIntrospector}.

++ *
++ *

Another problematic property is the {@code enum} "declaredClass" property,
++ * through which you can also access that class' class loader. The {@code SuppressPropertiesBeanIntrospector}
++ * provides {@code SUPPRESS_DECLARING_CLASS} to workaround this issue.

++ *
++ *

Both {@code SUPPRESS_CLASS} and {@code SUPPRESS_DECLARING_CLASS} are enabled by default.

+ *
+ *
+ *

3. Dynamic Beans (DynaBeans)
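Review bot: The javadoc added for `SUPPRESS_DECLARING_CLASS` in the SuppressPropertiesBeanIntrospector.java hunk still ends with "suppresses the {@code class} property", and the package-info.java hunk calls the property `"declaredClass"`, whereas the constant is built from `Collections.singleton("declaringClass")`; anyone auditing which property this fix actually blocks is pointed at the wrong name twice. I would change the constant's javadoc line to `* instance as {@code BeanIntrospector} to an instance of {@code PropertyUtilsBean} suppresses the {@code declaringClass} property; it can then no longer be` and the package-info line to `* Another problematic property is the {@code enum} {@code declaringClass} property,`, and drop the `@since 1.11.0` tag, which is misleading inside a 1.9.4 backport. Separately, the patch header's diffstat advertises TestEnum.java and EnumDeclaringClassTest.java, but the body appears to carry only the three main-source files, so the build's `xmvn test` run has nothing that verifies `declaringClass` is hidden on an enum bean; either carry the upstream regression test or trim the header so the diffstat matches what is applied.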

diff --git a/apache-commons-beanutils.spec b/apache-commons-beanutils.spec
index 0f6db7c2eb0ca07f284d9d1131bbf10fba3a9ed6..f10fe82d208644d2827fd30fddd2f835f598f920 100644
--- a/apache-commons-beanutils.spec
+++ b/apache-commons-beanutils.spec
@@ -2,13 +2,14 @@
 %global short_name commons-%{base_name}
 Name: apache-%{short_name}
 Version: 1.9.4
-Release: 3
+Release: 4
 Summary: Java utility methods for accessing and modifying the properties of arbitrary JavaBeans
 License: ASL 2.0
 BuildArch: noarch
 URL: http://commons.apache.org/%{base_name}
 Source0: http://archive.apache.org/dist/commons/%{base_name}/source/%{short_name}-%{version}-src.tar.gz
 Patch0: Remove-unstable-test-cases.patch
+Patch1: CVE-2025-48734.patch
 BuildRequires: maven-local mvn(commons-collections:commons-collections)
 BuildRequires: mvn(commons-collections:commons-collections-testframework)
 BuildRequires: mvn(commons-logging:commons-logging) mvn(junit:junit)
@@ -26,8 +27,7 @@ Summary: Javadoc for %{name}
 %{summary}.
 %prep
-%setup -q -n %{short_name}-%{version}-src
-%patch0 -p1
+%autosetup -n %{short_name}-%{version}-src -p1
 sed -i 's/\r//' *.txt
 %pom_remove_plugin :maven-assembly-plugin
 %mvn_alias :{*} :@1-core :@1-bean-collections
@@ -53,6 +53,9 @@ xmvn test --batch-mode --offline verify
 %doc LICENSE.txt NOTICE.txt
 %changelog
+* Tue Jul 01 2025 yaoxin <1024769339@qq.com> - 1.9.4-4
+- Fix CVE-2025-48734
+
 * Wed Jul 6 2022 liyanan - 1.9.4-3
 - Remove unstable test cases