diff --git a/CVE-2025-40929.patch b/CVE-2025-40929.patch
new file mode 100644
index 0000000000000000000000000000000000000000..a495c142ac78c5792821484481ca0deb613ffe9d
--- /dev/null
+++ b/CVE-2025-40929.patch
@@ -0,0 +1,44 @@
+From 378236219eaa35742c3962ecbdee364903b0a1f2 Mon Sep 17 00:00:00 2001
+From: Marc Lehmann <schmorp@schmorp.de>
+Date: Sat, 6 Sep 2025 11:31:36 +0200
+Subject: [PATCH] fix json_atof_scan1 overflows
+
+with fuzzed overlong numbers. CVE-2025-40928
+Really the comparisons were wrong.
+---
+ XS.xs | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/XS.xs b/XS.xs
+index 9b1ce2b..2b9900f 100755
+--- a/XS.xs
++++ b/XS.xs
+@@ -710,16 +710,16 @@ json_atof_scan1 (const char *s, NV *accum, int *expo, int postdp, int maxdepth)
+   /* if we recurse too deep, skip all remaining digits */
+   /* to avoid a stack overflow attack */
+   if (UNLIKELY(--maxdepth <= 0))
+-    while (((U8)*s - '0') < 10)
++    while (*s >= '0' && *s <= '9')
+       ++s;
+ 
+   for (;;)
+     {
+-      U8 dig = (U8)*s - '0';
++      U8 dig = (U8)(*s - '0');
+ 
+       if (UNLIKELY(dig >= 10))
+         {
+-          if (dig == (U8)((U8)'.' - (U8)'0'))
++          if (dig == (U8)('.' - '0'))
+             {
+               ++s;
+               json_atof_scan1 (s, accum, expo, 1, maxdepth);
+@@ -739,7 +739,7 @@ json_atof_scan1 (const char *s, NV *accum, int *expo, int postdp, int maxdepth)
+               else if (*s == '+')
+                 ++s;
+ 
+-              while ((dig = (U8)*s - '0') < 10)
++              while (*s >= '0' && *s <= '9')
+                 exp2 = exp2 * 10 + *s++ - '0';
+ 
+               *expo += neg ? -exp2 : exp2;
diff --git a/perl-Cpanel-JSON-XS.spec b/perl-Cpanel-JSON-XS.spec
index a91f4a7415147262d4ef4034a3d6dac7c804cac3..5a80bbb6fbe8561b6c9e088445494e4a19a9c14d 100644
--- a/perl-Cpanel-JSON-XS.spec
+++ b/perl-Cpanel-JSON-XS.spec
@@ -1,12 +1,13 @@
 %global _empty_manifest_terminate_build 0
 Name:           perl-Cpanel-JSON-XS
 Version:        4.39
-Release:        2
+Release:        3
 Summary:        CPanel fork of JSON::XS, fast and correct serializing
 License:        GPL-1.0-or-later or Artistic-1.0-Perl
 Group:          Development/Libraries
 URL:            https://metacpan.org/release/Cpanel-JSON-XS/
 Source0:        https://cpan.metacpan.org/authors/id/R/RU/RURBAN/Cpanel-JSON-XS-%{version}.tar.gz
+Patch0:         CVE-2025-40929.patch
 BuildRequires:  perl-generators
 BuildRequires:  perl(Carp)
 BuildRequires:  perl(Data::Dumper)
@@ -49,7 +50,7 @@ reach the latter goal it was written in C.
 
 
 %prep
-%setup -q -n Cpanel-JSON-XS-%{version}
+%autosetup -n Cpanel-JSON-XS-%{version} -p1
 
 
 %build
@@ -77,6 +78,9 @@ make test
 %{_mandir}/man?/*
 
 %changelog
+* Tue Sep 09 2025 yaoxin <1024769339@qq.com> - 4.39-3
+- Fix CVE-2025-40929
+
 * Sun Jan 19 2025 Funda Wang <fundawang@yeah.net> - 4.39-2
 - drop useless perl(:MODULE_COMPAT) requirement