diff --git a/Fix-CVE-2024-34459.patch b/Fix-CVE-2024-34459.patch
new file mode 100644
index 0000000000000000000000000000000000000000..a7e5feca7fdebaf658deb00f125c70eac5f2b1a4
--- /dev/null
+++ b/Fix-CVE-2024-34459.patch
@@ -0,0 +1,26 @@
+From 2876ac5392a4e891b81e40e592c3ac6cb46016ce Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Wed, 8 May 2024 11:49:31 +0200
+Subject: [PATCH] [CVE-2024-34459] Fix buffer overread with `xmllint --htmlout`
+
+Add a missing bounds check.
+---
+ xmllint.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/xmllint.c b/xmllint.c
+index 82a878651..4d84c640b 100644
+--- a/xmllint.c
++++ b/xmllint.c
+@@ -599,7 +599,7 @@ xmlHTMLPrintFileContext(xmlParserInputPtr input) {
+     len = strlen(buffer);
+     snprintf(&buffer[len], sizeof(buffer) - len, "\n");
+     cur = input->cur;
+-    while ((*cur == '\n') || (*cur == '\r'))
++    while ((cur > base) && ((*cur == '\n') || (*cur == '\r')))
+ 	cur--;
+     n = 0;
+     while ((cur != base) && (n++ < 80)) {
+-- 
+GitLab
+
diff --git a/install.py b/install.py
index bedc0c305414ab9a6a6ecad50e0f050eaddbfe43..078f04a1d6ecdc8a4408d4b6f045fe2a656fb3fe 100755
--- a/install.py
+++ b/install.py
@@ -229,7 +229,8 @@ def do_patch(args, target_dir):
         "backport-malloc-fail-Fix-null-deref-after-xmlXIncludeNewRef.patch",
         "backport-xpath-Ignore-entity-ref-nodes-when-computing-node-ha.patch",
         "backport-SAX-Always-initialize-SAX1-element-handlers.patch",
-        "Fix-malloc-fail.patch"
+        "Fix-malloc-fail.patch",
+        "Fix-CVE-2024-34459.patch"
     ]
 
     for patch in patch_file: