diff --git a/CVE-2025-32907.patch b/CVE-2025-32907.patch
new file mode 100644
index 0000000000000000000000000000000000000000..41ec1e5546ad60b694dd08f5958953164306e63b
--- /dev/null
+++ b/CVE-2025-32907.patch
@@ -0,0 +1,30 @@
+From 84e601252a9ae5eafaba9cb9cb5e4bd77ca41bdb Mon Sep 17 00:00:00 2001
+From: Milan Crha
+Date: Tue, 15 Apr 2025 12:17:39 +0200
+Subject: [PATCH] soup-message-headers: Correct merge of ranges
+
+It had been skipping every second range, which generated an array
+of a lot of insane ranges, causing large memory usage by the server.
+
+Closes #428
+---
+ libsoup/soup-message-headers.c | 1 +
+ tests/meson.build | 1 +
+ tests/server-mem-limit-test.c | 144 +++++++++++++++++++++++++++++++++
+ 3 files changed, 146 insertions(+)
+ create mode 100644 tests/server-mem-limit-test.c
+
+diff --git a/libsoup/soup-message-headers.c b/libsoup/soup-message-headers.c
+index 64847e30..f612bff1 100644
+--- a/libsoup/soup-message-headers.c
++++ b/libsoup/soup-message-headers.c
+@@ -1024,6 +1024,7 @@ soup_message_headers_get_ranges_internal (SoupMessageHeaders *hdrs,
+ if (cur->start <= prev->end) {
+ prev->end = MAX (prev->end, cur->end);
+ g_array_remove_index (array, i);
++ i--;
+ }
+ }
+ }
+--
+2.49.0
diff --git a/libsoup3.spec b/libsoup3.spec
index cf503d0411b8efc0f83f83117921797f1f320d2d..cda50cd57a5a652a08a2158dbade4e40835d399e 100644
--- a/libsoup3.spec
+++ b/libsoup3.spec
@@ -1,4 +1,4 @@
-%define anolis_release 2
+%define anolis_release 3
 %global glib2_version 2.69.1
 %{!?with_docs: %global with_docs 1}
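Review bot: The header of the new `CVE-2025-32907.patch` still lists `tests/meson.build` and `tests/server-mem-limit-test.c` (3 files changed, 146 insertions), but only the one-line `libsoup/soup-message-headers.c` hunk is carried, so the upstream regression test for the Range-merge memory growth is not part of this package. Either carry the two test hunks so a `%check` run (if the spec has one) exercises overlapping ranges, or record the trimming where the patch is declared, e.g. `# test hunks from upstream dropped; diffstat in the patch header not regenerated`. The added `i--` makes the loop revisit the element that moved into slot `i` after `g_array_remove_index`, which is consistent with the commit message. The loop header and the declaration of `i` lie outside the hunk, so its type and start value were not checked here.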
@@ -14,6 +14,10 @@ URL: https://wiki.gnome.org/Projects/libsoup
 Source0: https://download.gnome.org/sources/libsoup/3.6/libsoup-%{version}.tar.xz
 # From https://gitlab.com/redhat/centos-stream/rpms/libsoup3/-/tree/c10s?ref_type=heads
 Patch0: 1000-CVE-2025-4948.patch
+
+# https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/452/diffs?commit_id=9bb92f7a685e31e10e9e8221d0342280432ce836
+Patch1: CVE-2025-32907.patch
+
 BuildRequires: gcc
 BuildRequires: gettext
 BuildRequires: glib-networking
@@ -110,6 +114,9 @@ install -m 644 -D tests/libsoup.supp %{buildroot}%{_datadir}/libsoup-3.0/libsoup
 %doc README NEWS AUTHORS
 %changelog
+* Thu Jul 31 2025 wenxin - 3.6.5-3
+- add patch to fix CVE-2025-32907
+
 * Mon Jun 23 2025 lzq11122 - 3.6.5-2
 - add patch to fix CVE-2025-4948
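Review bot: The provenance comment above `Patch1` cites commit `9bb92f7a685e31e10e9e8221d0342280432ce836` of merge request 452, while the `From` line of the patch file added in this same commit carries `84e601252a9ae5eafaba9cb9cb5e4bd77ca41bdb`, so the shipped patch cannot be matched to the cited commit by hash. These may be the pre-merge and merged forms of the same change, but for a CVE fix the comment should name the commit actually taken and note that it was trimmed, e.g. `# Upstream 84e601252a9a (MR 452, commit 9bb92f7a), test files dropped`. The `%prep` section is outside this hunk, so confirm that it applies every `PatchN` (for example through `%autosetup -p1`) and not only `Patch0`; otherwise the release bump would ship without the fix.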