diff --git a/CVE-2025-40928.patch b/CVE-2025-40928.patch
new file mode 100644
index 0000000000000000000000000000000000000000..b0c395cc2882cdc80cc1c0238ece6ec7f7f73bb5
--- /dev/null
+++ b/CVE-2025-40928.patch
@@ -0,0 +1,33 @@
+diff --git a/XS.xs b/XS.xs
+index 9c9c3cf..d7f3424 100644
+--- a/XS.xs
++++ b/XS.xs
+@@ -247,16 +247,16 @@ json_atof_scan1 (const char *s, NV *accum, int *expo, int postdp, int maxdepth)
+ // if we recurse too deep, skip all remaining digits
+ // to avoid a stack overflow attack
+ if (expect_false (--maxdepth <= 0))
+- while (((U8)*s - '0') < 10)
++ while ((U8)(*s - '0') < 10)
+ ++s;
+ 
+ for (;;)
+ {
+- U8 dig = (U8)*s - '0';
++ U8 dig = *s - '0';
+ 
+ if (expect_false (dig >= 10))
+ {
+- if (dig == (U8)((U8)'.' - (U8)'0'))
++ if (dig == (U8)('.' - '0'))
+ {
+ ++s;
+ json_atof_scan1 (s, accum, expo, 1, maxdepth);
+@@ -276,7 +276,7 @@ json_atof_scan1 (const char *s, NV *accum, int *expo, int postdp, int maxdepth)
+ else if (*s == '+')
+ ++s;
+ 
+- while ((dig = (U8)*s - '0') < 10)
++ while ((dig = (U8)(*s - '0')) < 10)
+ exp2 = exp2 * 10 + *s++ - '0';
+ 
+ *expo += neg ? -exp2 : exp2;
diff --git a/perl-JSON-XS.spec b/perl-JSON-XS.spec
index aeff43376101c79b74d87d63e1adf9e58b077081..be2e9dbd8a03b4b1dd883d0ce5520a7cac6f00f3 100644
--- a/perl-JSON-XS.spec
+++ b/perl-JSON-XS.spec
@@ -2,11 +2,12 @@ Name: perl-JSON-XS
 Summary: JSON serializing/de-serializing, done correctly and fast
 Epoch: 1
 Version: 3.04
-Release: 6
+Release: 7
 License: GPL+ or Artistic
 Group: Development/Libraries
 URL: https://metacpan.org/release/JSON-XS
 Source0: https://cpan.metacpan.org/authors/id/M/ML/MLEHMANN/JSON-XS-%{version}.tar.gz
+Patch0: CVE-2025-40928.patch
 BuildRequires: coreutils gcc make perl-devel perl-generators perl-interpreter
 BuildRequires: perl(Canary::Stability) perl(ExtUtils::MakeMaker) >= 6.76
 
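Review bot: The new cast placement in the patched json_atof_scan1 deserves a comment on the new side, because `(U8)(*s - '0')` and the old `(U8)*s - '0'` look interchangeable yet differ exactly where the bug was: the old form is an int that goes negative for any byte below '0', including the terminating NUL, so `< 10` holds and the digit-skipping loop walks past the end of the string, whereas the new form wraps every non-digit byte to a value >= 10. I would add above the first changed while: `// cast the difference, not the byte: (U8)(*s - '0') maps every non-digit byte, including NUL, to >= 10`. The same reasoning covers `U8 dig = *s - '0';` and the exponent loop in the second hunk, so one comment at the first site with a short pointer at the others is enough. In that second hunk the `exp2 = exp2 * 10 + *s++ - '0';` accumulation is unbounded over the digit run and exp2's type is not visible here; if it is a plain int, an overlong exponent string overflows it, which is worth confirming separately from this fix. The body of json_atof_scan1 starts and ends outside both hunks.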
@@ -27,7 +28,7 @@ reach the latter goal it was written in C.
 %package_help
 
 %prep
-%autosetup -n JSON-XS-%{version}
+%autosetup -n JSON-XS-%{version} -p1
 sed -i 's/\r//' t/*
 perl -pi -e 's|^#!/opt/bin/perl|#!%{__perl}|' eg/*
 
@@ -55,5 +56,8 @@ make test
 %{_mandir}/man[13]/*
 
 %changelog
+* Thu Sep 18 2025 lixuebing - 1:3.04-7
+- Fix CVE-2025-40928
+
 * Thu Mar 5 2020 openEuler Buildteam - 3.04-6
 - Package init