diff --git a/en/news/_posts/2025-02-11-dos-net-imap-cve-2025-25186.md b/en/news/_posts/2025-02-11-dos-net-imap-cve-2025-25186.md
new file mode 100644
index 0000000000..66b0d9a4fa
--- /dev/null
+++ b/en/news/_posts/2025-02-11-dos-net-imap-cve-2025-25186.md
@@ -0,0 +1,29 @@
+---
+layout: news_post
+title: "CVE-2025-25186: DoS vulnerability in net-imap"
+author: "nevans"
+translator:
+date: 2025-02-11 03:00:00 +0000
+tags: security
+lang: en
+---
+
+There is a possibility for DoS by in the net-imap gem.  This vulnerability has been assigned the CVE identifier [CVE-2025-25186](https://www.cve.org/CVERecord?id=CVE-2025-25186).  We recommend upgrading the net-imap gem.
+
+## Details
+
+A malicious server can send highly compressed uid-set data which is automatically read by the client's receiver thread.  The response parser uses Range#to_a to convert the uid-set data into arrays of integers, with no limitation on the expanded size of the ranges.
+
+Please update net-imap gem to version 0.3.8, 0.4.19, 0.5.6, or later.
+
+## Affected versions
+
+* net-imap gem between 0.3.2 and 0.3.8, 0.4.0 and 0.4.19, or 0.5.0 and 0.5.6
+
+## Credits
+
+Thanks to [manun](https://hackerone.com/manun) for discovering this issue.
+
+## History
+
+* Originally published at 2025-02-11 03:00:00 (UTC)