diff --git a/NEWS b/NEWS
index 6d3f3b7d82d..127ed8976a0 100644
--- a/NEWS
+++ b/NEWS
@@ -9,6 +9,9 @@ PHP                                                                        NEWS
   . Fixed bug GH-20085 (Assertion failure when combining lazy object
     get_properties exception with foreach loop). (nielsdos)
 
+- Random:
+  . Fix Randomizer::__serialize() w.r.t. INDIRECTs. (nielsdos)
+
 09 Oct 2025, PHP 8.4.14
 
 - Core:
diff --git a/ext/random/randomizer.c b/ext/random/randomizer.c
index 379641d5b8d..19b5207231d 100644
--- a/ext/random/randomizer.c
+++ b/ext/random/randomizer.c
@@ -516,8 +516,7 @@ PHP_METHOD(Random_Randomizer, __serialize)
 	ZEND_PARSE_PARAMETERS_NONE();
 
 	array_init(return_value);
-	ZVAL_ARR(&t, zend_std_get_properties(&randomizer->std));
-	Z_TRY_ADDREF(t);
+	ZVAL_ARR(&t, zend_array_dup(zend_std_get_properties(&randomizer->std)));
 	zend_hash_next_index_insert(Z_ARRVAL_P(return_value), &t);
 }
 /* }}} */
diff --git a/ext/random/tests/03_randomizer/methods/__serialize_indirects.phpt b/ext/random/tests/03_randomizer/methods/__serialize_indirects.phpt
new file mode 100644
index 00000000000..1207e18dd82
--- /dev/null
+++ b/ext/random/tests/03_randomizer/methods/__serialize_indirects.phpt
@@ -0,0 +1,18 @@
+--TEST--
+Random: Engine: __serialize() must not expose INDIRECTs
+--FILE--
+<?php
+
+$randomizer = new Random\Randomizer(null);
+var_dump($randomizer->__serialize());
+
+?>
+--EXPECT--
+array(1) {
+  [0]=>
+  array(1) {
+    ["engine"]=>
+    object(Random\Engine\Secure)#2 (0) {
+    }
+  }
+}