diff --git a/Misc/NEWS.d/next/Security/2025-10-14-18-58-09.gh-issue-140120.WyeECT.rst b/Misc/NEWS.d/next/Security/2025-10-14-18-58-09.gh-issue-140120.WyeECT.rst
new file mode 100644
index 00000000000000..7e20d61a2e3715
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2025-10-14-18-58-09.gh-issue-140120.WyeECT.rst
@@ -0,0 +1,2 @@
+Fixes a memory leak in ``Hacl_Streaming_HMAC_digest`` by freeing the
+``snd`` and ``thd`` fields of ``tmp_block_state1``.
diff --git a/Modules/_hacl/Hacl_Streaming_HMAC.c b/Modules/_hacl/Hacl_Streaming_HMAC.c
index 8dd7e2c0bf3e71..46d789a01682d7 100644
--- a/Modules/_hacl/Hacl_Streaming_HMAC.c
+++ b/Modules/_hacl/Hacl_Streaming_HMAC.c
@@ -2378,6 +2378,8 @@ Hacl_Streaming_HMAC_digest(
     Hacl_Agile_Hash_state_s *s11 = tmp_block_state1.snd;
     update_last(s11, prev_len_last, buf_last, r);
     finish0(tmp_block_state1, output);
+    free_(tmp_block_state1.snd);
+    free_(tmp_block_state1.thd);
     return Hacl_Streaming_Types_Success;
   }
   KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n",