diff --git a/SOURCES/gimp-3.0.4-CVE-2025-14422.patch b/SOURCES/gimp-3.0.4-CVE-2025-14422.patch
new file mode 100644
index 0000000..187cdf8
--- /dev/null
+++ b/SOURCES/gimp-3.0.4-CVE-2025-14422.patch
@@ -0,0 +1,31 @@
+diff -urNp a/plug-ins/common/file-pnm.c b/plug-ins/common/file-pnm.c
+--- a/plug-ins/common/file-pnm.c 2026-01-20 14:14:03.521350852 +0100
++++ b/plug-ins/common/file-pnm.c 2026-01-20 14:24:59.865358033 +0100
+@@ -706,6 +706,7 @@ pnm_load_raw (PNMScanner *scan,
+ {
+ gint bpc;
+ guchar *data, *bdata, *d, *b;
++ gsize data_size;
+ gint x, y, i;
+ gint start, end, scanlines;
+ gint fd;
+@@ -715,11 +716,17 @@ pnm_load_raw (PNMScanner *scan,
+ else
+ bpc = 1;
+
+- data = g_new (guchar, gimp_tile_height () * info->xres * info->np * bpc);
++ /* No overflow as long as gimp_tile_height() < 1365 = 2^(31 - 18) / 6 */
++ if (! g_size_checked_mul (&data_size, gimp_tile_height (), info->xres) ||
++ ! g_size_checked_mul (&data_size, data_size, info->np) ||
++ ! g_size_checked_mul (&data_size, data_size, bpc))
++ CHECK_FOR_ERROR (FALSE, info->jmpbuf, _("Unsupported maximum value."));
++
++ data = g_new (guchar, data_size);
+
+ bdata = NULL;
+ if (bpc > 1)
+- bdata = g_new (guchar, gimp_tile_height () * info->xres * info->np);
++ bdata = g_new (guchar, data_size);
+
+ fd = pnmscanner_fd (scan);
+
diff --git a/SPECS/gimp.spec b/SPECS/gimp.spec
index 0a0b0c6..7c2e70d 100644
--- a/SPECS/gimp.spec
+++ b/SPECS/gimp.spec
@@ -75,7 +75,7 @@ Summary: GNU Image Manipulation Program
 Name: gimp
 Epoch: 2
 Version: 2.8.22
-Release: %{?prerelprefix}26%{dotprerel}%{dotgitrev}%{?dist}.3
+Release: %{?prerelprefix}26%{dotprerel}%{dotgitrev}%{?dist}.4
 # Compute some version related macros.
 # Ugly, need to get quoting percent signs straight.
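Review bot: In the added file-pnm.c patch, the overflow branch in `pnm_load_raw` calls `CHECK_FOR_ERROR (FALSE, info->jmpbuf, ...)`, and the literal `FALSE` looks like it disables the very bail-out the check is there for. The macro's definition is not part of this patch, so its polarity needs confirming against the 2.8.22 tree; if it jumps only when its first argument is true, a failed `g_size_checked_mul` is ignored and `g_new (guchar, data_size)` still allocates from a wrapped product, so the undersized allocation the fix targets remains possible. In that case the line should read `CHECK_FOR_ERROR (TRUE, info->jmpbuf, _("Unsupported maximum value."));`. `bdata` is now sized with `data_size`, which includes the `bpc` factor the old expression left out; that only over-allocates, but a short comment saying it is intentional would help. The body of `pnm_load_raw` continues outside both hunks.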
@@ -221,7 +221,7 @@ Patch17: gimp-CVE-2025-48797.patch
 Patch18: gimp-CVE-2025-48798.patch
 Patch19: gimp-CVE-2025-5473.patch
 Patch20: gimp-3.0.4-CVE-2025-10920-10925-10934.patch
-
+Patch21: gimp-3.0.4-CVE-2025-14422.patch
 # use external help browser directly if help browser plug-in is not built
 Patch100: gimp-2.8.6-external-help-browser.patch
@@ -326,6 +326,7 @@ EOF
 %patch18 -p1 -b .CVE-2025-48798
 %patch19 -p1 -b .CVE-2025-5473
 %patch20 -p1 -b .CVE-2025-10920-10925-10934
+%patch21 -p1 -b .CVE-2025-14422
 %if ! %{with helpbrowser}
 %patch100 -p1 -b .external-help-browser
@@ -665,6 +666,9 @@ make check
 %endif
 %changelog
+* Tue Jan 20 2026 Josef Ridky - 2:2.8.22-26.4
+- fix CVE-2025-14422
+
 * Mon Nov 24 2025 Josef Ridky - 2:2.8.22-26.3
 - fix CVE-2025-10920
 - fix CVE-2025-10921