diff --git a/backport-CVE-2025-50420.patch b/backport-CVE-2025-50420.patch
new file mode 100644
index 0000000000000000000000000000000000000000..cb798729a56d7798ab2b978de40f6e33c66523eb
--- /dev/null
+++ b/backport-CVE-2025-50420.patch
@@ -0,0 +1,33 @@
+From 08d7894e4dd0e313c179e30f06ad8f546619b1b3 Mon Sep 17 00:00:00 2001
+From: Sune Vuorela <sune@vuorela.dk>
+Date: Tue, 29 Jul 2025 14:14:00 +0200
+Subject: [PATCH] Fix crash in pdfseparate
+
+Don't continue recursing in PDFDoc::mark* if things looks a bit weirder
+than expected
+---
+ poppler/PDFDoc.cc | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/poppler/PDFDoc.cc b/poppler/PDFDoc.cc
+index 7beabe1..0c2c938 100644
+--- a/poppler/PDFDoc.cc
++++ b/poppler/PDFDoc.cc
+@@ -1870,6 +1870,15 @@ bool PDFDoc::markAnnotations(Object *annotsObj, XRef *xRef, XRef *countRef, unsi
+         if (obj1.isDict()) {
+           Dict *dict = obj1.getDict();
+           Object type = dict->lookup("Type");
++          if (type.isNull()) {
++              Object subType = dict->lookup("SubType");
++              // Type is optional, subtype is required
++              // If neither of them exists, something is probably
++              // weird here, so let us just skip this entry
++              if (subType.isNull()) {
++                  continue;
++              }
++          }
+           if (type.isName() && strcmp(type.getName(), "Annot") == 0) {
+             const Object &obj2 = dict->lookupNF("P");
+             if (obj2.isRef()) {
+-- 
+
diff --git a/poppler.spec b/poppler.spec
index 5b0c577b6d138bd8e356cef53062d46a85d15571..dda938d27ed4c9cce8b27ba874df743e8d9acfbd 100644
--- a/poppler.spec
+++ b/poppler.spec
@@ -4,7 +4,7 @@
 Summary:        PDF rendering library
 Name:           poppler
 Version:        0.90.0
-Release:        12
+Release:        13
 License:        (GPLv2 or GPLv3) and GPLv2+ and LGPLv2+ and MIT
 URL:            http://poppler.freedesktop.org/
 Source0:        http://poppler.freedesktop.org/poppler-%{version}.tar.xz
@@ -29,6 +29,7 @@ Patch6011:	backport-CVE-2024-56378.patch
 Patch6012:      backport-CVE-2025-32364.patch
 Patch6013:      backport-CVE-2025-32365.patch
 Patch6014:      backport-CVE-2025-52886.patch
+Patch6015:      backport-CVE-2025-50420.patch
 
 BuildRequires:  cmake
 BuildRequires:  gcc-c++
@@ -228,6 +229,9 @@ test "$(pkg-config --modversion poppler-splash)" = "%{version}"
 %{_mandir}/man1/*
 
 %changelog
+* Tue Aug 05 2025 yujingbo <yujingbo@kylinos.cn> - 0.90.0-13
+- fix CVE-2025-50420
+
 * Thu Jul 24 2025 lingsheng <lingsheng1@h-partners.com> - 0.90.0-12
 - fix CVE-2025-52886