diff --git a/CVE-2025-10934.patch b/CVE-2025-10934.patch
new file mode 100644
index 0000000000000000000000000000000000000000..7bb35062f44ca7cd7c8a8bcc25bb6b32c9c89799
--- /dev/null
+++ b/CVE-2025-10934.patch
@@ -0,0 +1,46 @@
+From 5c3e2122d53869599d77ef0f1bdece117b24fd7c Mon Sep 17 00:00:00 2001
+From: Jacob Boerema
+Date: Wed, 3 Sep 2025 18:37:26 -0400
+Subject: [PATCH] plug-ins: fix ZDI-CAN-27823
+
+Origin: https://github.com/GNOME/gimp/commit/5c3e2122d53869599d77ef0f1bdece117b24fd7c
+
+GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution
+Vulnerability.
+
+Check offset in colormap is valid before writing to it.
+
+Closes #14814
+
+(cherry picked from commit 4eb106f2bff2d9b8e518aa455a884c6f38d70c6a)
+---
+ plug-ins/common/file-xwd.c | 14 ++++++++++++--
+ 1 file changed, 12 insertions(+), 2 deletions(-)
+
+diff --git a/plug-ins/common/file-xwd.c b/plug-ins/common/file-xwd.c
+index 6e0f8cd..54d32bd 100644
+--- a/plug-ins/common/file-xwd.c
++++ b/plug-ins/common/file-xwd.c
+@@ -1597,9 +1597,19 @@ load_xwd_f2_d16_b16 (const gchar *filename,
+ greenval = (green * 255) / maxgreen;
+ for (blue = 0; blue <= maxblue; blue++)
+ {
++ guint32 offset = ((red << redshift) + (green << greenshift) +
++ (blue << blueshift)) * 3;
++
++ if (offset+2 >= maxval)
++ {
++ g_message (_("Invalid colormap offset. Possibly corrupt image."));
++ g_free (data);
++ g_free (ColorMap);
++ g_object_unref (buffer);
++ return NULL;
++ }
+ blueval = (blue * 255) / maxblue;
+- cm = ColorMap + ((red << redshift) + (green << greenshift)
+- + (blue << blueshift)) * 3;
++ cm = ColorMap + offset;
+ *(cm++) = redval;
+ *(cm++) = greenval;
+ *cm = blueval;
+--
diff --git a/gimp.spec b/gimp.spec
index 4a45e0d553302756db185c7b7fef47bdf08f6bf7..110d2759750f09d5529caeaa8a6e46143fb5b14c 100644
--- a/gimp.spec
+++ b/gimp.spec
@@ -1,6 +1,6 @@
 Name: gimp
 Version: 2.10.6
-Release: 14
+Release: 15
 Epoch: 2
 Summary: A versatile graphics manipulation package
 License: GPLv3+ and GPLv3
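Review bot: The new guard `if (offset+2 >= maxval)` in the nested file-xwd.c hunk is evaluated in guint32, so if the shifted sum times 3 wraps to 0xFFFFFFFE or 0xFFFFFFFF, `offset+2` itself wraps to a small value, the check passes, and `cm = ColorMap + offset` still writes outside the colormap. Whether the red/green/blue shift values are constrained tightly enough elsewhere in the loader to make that unreachable is not visible in this hunk, so a wrap-free form such as `if (maxval < 3 || offset > maxval - 3)` (this assumes maxval is the byte size of ColorMap, which the hunk does not show) or computing the offset in a 64-bit type would close the gap regardless. The enclosing function load_xwd_f2_d16_b16 starts and ends outside the hunk; the new error path frees data and ColorMap and unrefs buffer, which should be checked against the function's other early-return paths to confirm nothing else is live at this point.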
@@ -22,6 +22,7 @@
 Patch6009: CVE-2025-48798-1.patch
 Patch6010: CVE-2025-48798-2.patch
 Patch6011: CVE-2025-48798-3.patch
 Patch6012: CVE-2025-5473.patch
+Patch6013: CVE-2025-10934.patch
 %global apiversion 2.0
 %global textversion 20
@@ -268,6 +269,9 @@ make check %{?_smp_mflags}
 %{_mandir}/man*/*
 %changelog
+* Thu Oct 30 2025 yujingbo - 2:2.10.6-15
+- Fix CVE-2025-10934
+
 * Wed Jun 11 2025 wangkai <13474090681@163.com> - 2:2.10.6-14
 - Fix CVE-2025-5473