diff --git a/1-bugfix-for-CVE-2025-40918.patch b/1-bugfix-for-CVE-2025-40918.patch
new file mode 100644
index 0000000000000000000000000000000000000000..c9c7fecc28c6ababf2ffc8819cfda680b790da59
--- /dev/null
+++ b/1-bugfix-for-CVE-2025-40918.patch
@@ -0,0 +1,40 @@
+From 82e12b25963bd9d156a9006c9a0929f459b8536a Mon Sep 17 00:00:00 2001
+From: Robert Rothenberg <rrwo@cpan.org>
+Date: Thu, 10 Jul 2025 21:05:29 +0100
+Subject: [PATCH] Generate cnonce and nonce from system randomness
+
+This fixes CVE-2025-40918.
+---
+ lib/Authen/SASL/Perl/DIGEST_MD5.pm | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/lib/Authen/SASL/Perl/DIGEST_MD5.pm b/lib/Authen/SASL/Perl/DIGEST_MD5.pm
+index f089849..44d2109 100644
+--- a/lib/Authen/SASL/Perl/DIGEST_MD5.pm
++++ b/lib/Authen/SASL/Perl/DIGEST_MD5.pm
+@@ -9,6 +9,7 @@ package Authen::SASL::Perl::DIGEST_MD5;
+ 
+ use strict;
+ use vars qw($VERSION @ISA $CNONCE $NONCE);
++use Crypt::URandom qw(urandom);
+ use Digest::MD5 qw(md5_hex md5);
+ use Digest::HMAC_MD5 qw(hmac_md5);
+ 
+@@ -201,7 +202,7 @@ sub server_start {
+ 
+   $self->{need_step} = 1;
+   $self->{error}     = undef;
+-  $self->{nonce}     = md5_hex($NONCE || join (":", $$, time, rand));
++  $self->{nonce}     = $NONCE? md5_hex($NONCE) : unpack('H32',urandom(16));
+ 
+   $self->init_sec_layer;
+ 
+@@ -260,7 +261,7 @@ sub client_step {   # $self, $server_sasl_credentials
+ 
+   my %response = (
+     nonce        => $sparams{'nonce'},
+-    cnonce       => md5_hex($CNONCE || join (":", $$, time, rand)),
++    cnonce       => $CNONCE? md5_hex($CNONCE) : unpack('H32',urandom(16)),
+     'digest-uri' => $self->service . '/' . $self->host,
+     # calc how often the server nonce has been seen; server expects "00000001"
+     nc           => sprintf("%08d",     ++$self->{nonce_counts}{$sparams{'nonce'}}),
diff --git a/perl-Authen-SASL.spec b/perl-Authen-SASL.spec
index 650c81eb8add3e46809cbaeb5f332aa4951a5147..813ef569c9cc6cd62953079013122a7221c59007 100644
--- a/perl-Authen-SASL.spec
+++ b/perl-Authen-SASL.spec
@@ -1,4 +1,4 @@
-%define anolis_release 30
+%define anolis_release 31
 %define mod_name Authen-SASL
 
 Name:           perl-%{mod_name}
@@ -11,6 +11,9 @@ Source0:        https://cpan.metacpan.org/authors/id/G/GB/GBARR/%{mod_name}-%{ve
 
 Patch0:         0001-%{mod_name}-RT85294-Fix-WRITE.patch
 
+# https://github.com/perl-authen-sasl/perl-authen-sasl/commit/82e12b25963bd9d156a9006c9a0929f459b8536a.patch
+Patch1:         1-bugfix-for-CVE-2025-40918.patch
+
 BuildArch:      noarch
 
 BuildRequires:  make coreutils
@@ -58,6 +61,9 @@ make test
 %doc Changes api.txt example_pl
 
 %changelog
+* Sat Feb 14 2026 tomcruiseqi <tomcruiseqi@inspur.com> - 2.16-31
+- Fix CVE-2025-40918
+
 * Tue Apr 11 2023 Guyu Wang <guyu.wgy@linux.alibaba.com> - 2.16-30
 - optimise spec file