diff --git a/.github/workflows/ci.py b/.github/workflows/ci.py
index c71f416d9..1fd8b7789 100644
--- a/.github/workflows/ci.py
+++ b/.github/workflows/ci.py
@@ -220,6 +220,7 @@ IGNORED_DEPENDENCY_CVES = [
     # Python stdlib
     'CVE-2025-8194', # DoS in tarfile
     'CVE-2025-6069', # DoS in HTMLParser
+    'CVE-2025-13836', # DoS in http client reading from malicious server
     # glib
     'CVE-2025-4056', # Only affects Windows, on which we dont run
     # github.com/nwaples/rardecode/v2