diff --git a/0005-match-correctly-applied-hotpatchs.patch b/0005-match-correctly-applied-hotpatchs.patch
new file mode 100644
index 0000000..adb6d31
--- /dev/null
+++ b/0005-match-correctly-applied-hotpatchs.patch
@@ -0,0 +1,39 @@
+From 6875f8f6dbe2f7b08cf6a447057bfd4514b83537 Mon Sep 17 00:00:00 2001
+From: gongzhengtang <gong_zhengtang@163.com>
+Date: Fri, 30 Jun 2023 11:09:24 +0000
+Subject: [PATCH] Match the correctly applied hot patches
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Signed-off-by: gongzhengtang <gong_zhengtang@163.com>
+---
+ ceres/manages/vulnerability_manage.py | 13 +++++--------
+ 1 file changed, 5 insertions(+), 8 deletions(-)
+
+diff --git a/ceres/manages/vulnerability_manage.py b/ceres/manages/vulnerability_manage.py
+index 8547abe..cfecb60 100644
+--- a/ceres/manages/vulnerability_manage.py
++++ b/ceres/manages/vulnerability_manage.py
+@@ -429,14 +429,11 @@ class VulnerabilityManage:
+         if status_code == FAIL or not re.search("base-pkg/hotpatch", hotpatch_list_output):
+             return None
+ 
+-        for hotpatch_info in [line for line in hotpatch_list_output.split(os.linesep) if line]:
+-            if not hotpatch_info.startswith("CVE"):
+-                continue
+-            _, hot_pkg, _, = [info.strip() for info in hotpatch_info.split()]
+-            if hot_pkg == "base-pkg/hotpatch":
+-                continue
+-            return hot_pkg
+-        return ""
++        for hotpatch_info in [line for line in hotpatch_list_output.split(os.linesep) if line.startswith("CVE")]:
++            _, hot_pkg, status = hotpatch_info.strip().split()
++            if status == "ACTIVED":
++                return hot_pkg
++        return None
+ 
+     def _syscare_operate(self, operate, patch_name=None):
+         """
+-- 
+Gitee
diff --git a/aops-ceres.spec b/aops-ceres.spec
index f922ff0..ddc8f56 100644
--- a/aops-ceres.spec
+++ b/aops-ceres.spec
@@ -1,6 +1,6 @@
 Name:		aops-ceres
 Version:	v1.2.1
-Release:	5
+Release:	6
 Summary:	An agent which needs to be adopted in client, it managers some plugins, such as gala-gopher(kpi collection), fluentd(log collection) and so on.
 License:	MulanPSL2
 URL:		https://gitee.com/openeuler/%{name}
@@ -9,6 +9,7 @@ Patch0001:	0001-modify-return-value-when-no-hotpatch-is-matched.patch
 Patch0002:	0002-update-cve-fix-and-cve-scan.patch
 Patch0003:	0003-fix-issue-cve-fix-result-doesn-t-match-log.patch
 Patch0004:	0004-update-hotpatch-info-query-func.patch
+Patch0005:  0005-match-correctly-applied-hotpatchs.patch
 
 
 BuildRequires:  python3-setuptools
@@ -44,6 +45,9 @@ An agent which needs to be adopted in client, it managers some plugins, such as
 
 
 %changelog
+* Fri Jun 30 2023 gongzhengtang<gong_zhengtang@163.com> - v1.2.1-6
+- Match the correctly applied hot patches
+
 * Wed Jun 21 2023 wenxin<shusheng.wen@outlook.com> - v1.2.1-5
 - update hostpatch info query func