diff --git a/CHANGELOG.md b/CHANGELOG.md
index 070b6f4cd..1bb06882a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,13 @@
 
 [1]: https://pypi.org/project/google-auth/#history
 
+## [2.42.1](https://github.com/googleapis/google-auth-library-python/compare/v2.42.0...v2.42.1) (2025-10-30)
+
+
+### Bug Fixes
+
+* Catch ValueError for json.loads() ([#1842](https://github.com/googleapis/google-auth-library-python/issues/1842)) ([b074cad](https://github.com/googleapis/google-auth-library-python/commit/b074cad460589633adfc6744c01726ae86f2aa2b))
+
 ## [2.42.0](https://github.com/googleapis/google-auth-library-python/compare/v2.41.1...v2.42.0) (2025-10-24)
 
 
diff --git a/google/auth/_helpers.py b/google/auth/_helpers.py
index fba0ba3fa..4a69d4c61 100644
--- a/google/auth/_helpers.py
+++ b/google/auth/_helpers.py
@@ -489,7 +489,7 @@ def _parse_request_body(body: Optional[bytes], content_type: str = "") -> Any:
     if not content_type or "application/json" in content_type:
         try:
             return json.loads(body_str)
-        except (json.JSONDecodeError, TypeError):
+        except (TypeError, ValueError):
             return body_str
     if "application/x-www-form-urlencoded" in content_type:
         parsed_query = urllib.parse.parse_qs(body_str)
diff --git a/google/auth/version.py b/google/auth/version.py
index 208942661..4b6c4fb25 100644
--- a/google/auth/version.py
+++ b/google/auth/version.py
@@ -12,4 +12,4 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-__version__ = "2.42.0"
+__version__ = "2.42.1"
diff --git a/system_tests/secrets.tar.enc b/system_tests/secrets.tar.enc
index 38fbef135..fa5030046 100644
Binary files a/system_tests/secrets.tar.enc and b/system_tests/secrets.tar.enc differ
diff --git a/tests/test__helpers.py b/tests/test__helpers.py
index ce3ec11e2..2aecc0b7e 100644
--- a/tests/test__helpers.py
+++ b/tests/test__helpers.py
@@ -623,6 +623,34 @@ def test_parse_request_body_other_type():
     assert _helpers._parse_request_body("string") is None
 
 
+def test_parse_request_body_json_type_error():
+    body = b'{"key": "value"}'
+    with mock.patch("json.loads", side_effect=TypeError):
+        # json.loads should raise a TypeError, and the function should return the
+        # original string
+        assert _helpers._parse_request_body(body, "application/json") == body.decode(
+            "utf-8"
+        )
+
+
+def test_parse_request_body_json_value_error():
+    body = b'{"key": "value"}'
+    content_type = "application/json"
+    with mock.patch("json.loads", side_effect=ValueError):
+        # json.loads should raise a ValueError, and the function should return the
+        # original string
+        assert _helpers._parse_request_body(body, content_type) == body.decode("utf-8")
+
+
+def test_parse_request_body_json_decode_error():
+    body = b'{"key": "value"}'
+    content_type = "application/json"
+    with mock.patch("json.loads", side_effect=json.JSONDecodeError("msg", "doc", 0)):
+        # json.loads should raise a JSONDecodeError, and the function should return the
+        # original string
+        assert _helpers._parse_request_body(body, content_type) == body.decode("utf-8")
+
+
 def test_parse_response_json_valid():
     class MockResponse:
         def json(self):