diff --git a/CuraEngine.spec b/CuraEngine.spec
index aa9d79c..3832f98 100644
--- a/CuraEngine.spec
+++ b/CuraEngine.spec
@@ -1,7 +1,7 @@
 Name:           CuraEngine
 Epoch:          1
 Version:        4.13.1
-Release:        6%{?dist}
+Release:        7%{?dist}
 Summary:        Engine for processing 3D models into G-code instructions for 3D printers
 License:        AGPLv3+
 URL:            https://github.com/Ultimaker/%{name}
@@ -17,9 +17,19 @@ BuildRequires:  cmake
 BuildRequires:  git-core
 
 # Header-only package; -static version is for tracking per guidelines
-# stb_image 2.28^20230129git5736b15-0.2 is the minimum EVR that fixes the null
-# pointer dereference reported in https://github.com/nothings/stb/issues/1452.
-BuildRequires:  stb_image-static >= 2.28^20230129git5736b15-0.2
+# Enforce the the minimum EVR to contain fixes for all of:
+# CVE-2021-28021
+# CVE-2021-42715
+# CVE-2021-42716
+# CVE-2022-28041
+# CVE-2023-43898
+# CVE-2023-45661
+# CVE-2023-45662
+# CVE-2023-45663
+# CVE-2023-45664
+# CVE-2023-45666
+# CVE-2023-45667
+BuildRequires:  stb_image-static >= 2.28^20231011gitbeebb24-12
 
 Patch:          %{name}-static-libstdcpp.patch
 # Add an #include needed for GCC 13
@@ -74,6 +84,9 @@ sed -i 's/"DEV"/"%{version}"/' src/settings/Settings.h
 %{_bindir}/%{name}
 
 %changelog
+* Wed Oct 25 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 1:4.13.1-7
+- Ensure stb_image contains the latest CVE patches
+
 * Sat Feb 25 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 1:4.13.1-6
 - Update minimum stb_image to fix a null deref. bug