diff --git a/src/requests/sessions.py b/src/requests/sessions.py
index 731550de88..b1f7bb5f9c 100644
--- a/src/requests/sessions.py
+++ b/src/requests/sessions.py
@@ -763,7 +763,10 @@ def merge_environment_settings(self, url, proxies, stream, verify, cert):
 
 # Look for requests environment configuration
 # and be compatible with cURL.
- if verify is True or verify is None:
+ # Determine the effective verify setting (method param > session)
+ # to respect proper precedence order before applying environment variables
+ effective_verify = verify if verify is not None else self.verify
+ if effective_verify is True or effective_verify is None:
 verify = (
 os.environ.get("REQUESTS_CA_BUNDLE")
 or os.environ.get("CURL_CA_BUNDLE")
diff --git a/tests/test_requests.py b/tests/test_requests.py
index 75d2deff2e..a6c1a29bfa 100644
--- a/tests/test_requests.py
+++ b/tests/test_requests.py
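Review bot: The new `effective_verify` check in src/requests/sessions.py changes more than its comment says: when the call passes no `verify` and `self.verify` is `False` (or a CA-bundle path), the `REQUESTS_CA_BUNDLE` / `CURL_CA_BUNDLE` lookup is now skipped, whereas the removed `if verify is True or verify is None:` consulted the environment in that case. For a `verify = False` session this moves behaviour toward less certificate verification, which appears to be the intent (the added tests expect it) but should be stated where it happens. I would extend the comment above the assignment with `# A session-level verify of False or a CA path now takes precedence over REQUESTS_CA_BUNDLE/CURL_CA_BUNDLE when the call passes verify=None` and record the change in the release notes. The rest of merge_environment_settings, including how `verify` is later combined with `self.verify`, lies outside this hunk.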
@@ -966,6 +966,91 @@ def test_invalid_ca_certificate_path(self, httpbin_secure):
 INVALID_PATH
 )
 
+ def test_verify_precedence_session_true_method_true(self, httpbin_secure):
+ """session.verify=True, method verify=True: should use env var and fail"""
+ INVALID_PATH = "/garbage"
+ with override_environ(requests_ca_bundle=INVALID_PATH):
+ session = requests.Session()
+ session.verify = True
+ with pytest.raises(IOError) as e:
+ session.get(httpbin_secure(), verify=True)
+ assert "Could not find a suitable TLS CA certificate bundle" in str(e.value)
+
+ def test_verify_precedence_session_true_method_none(self, httpbin_secure):
+ """session.verify=True, method verify=None: should use env var and fail"""
+ INVALID_PATH = "/garbage"
+ with override_environ(requests_ca_bundle=INVALID_PATH):
+ session = requests.Session()
+ session.verify = True
+ with pytest.raises(IOError) as e:
+ session.get(httpbin_secure())
+ assert "Could not find a suitable TLS CA certificate bundle" in str(e.value)
+
+ def test_verify_precedence_session_true_method_false(self, httpbin_secure):
+ """session.verify=True, method verify=False: method override, should succeed"""
+ INVALID_PATH = "/garbage"
+ with override_environ(requests_ca_bundle=INVALID_PATH):
+ session = requests.Session()
+ session.verify = True
+ # Should succeed - method parameter overrides session
+ session.get(httpbin_secure(), verify=False)
+
+ def test_verify_precedence_session_none_method_true(self, httpbin_secure):
+ """session.verify=None, method verify=True: should use env var and fail"""
+ INVALID_PATH = "/garbage"
+ with override_environ(requests_ca_bundle=INVALID_PATH):
+ session = requests.Session()
+ # session.verify defaults to None
+ with pytest.raises(IOError) as e:
+ session.get(httpbin_secure(), verify=True)
+ assert "Could not find a suitable TLS CA certificate bundle" in str(e.value)
+
+ def test_verify_precedence_session_none_method_none(self, httpbin_secure):
+ """session.verify=None, method verify=None: should use env var and fail"""
+ INVALID_PATH = "/garbage"
+ with override_environ(requests_ca_bundle=INVALID_PATH):
+ session = requests.Session()
+ # Both default to None
+ with pytest.raises(IOError) as e:
+ session.get(httpbin_secure())
+ assert "Could not find a suitable TLS CA certificate bundle" in str(e.value)
+
+ def test_verify_precedence_session_none_method_false(self, httpbin_secure):
+ """session.verify=None, method verify=False: method override, should succeed"""
+ INVALID_PATH = "/garbage"
+ with override_environ(requests_ca_bundle=INVALID_PATH):
+ session = requests.Session()
+ # Should succeed - method parameter overrides
+ session.get(httpbin_secure(), verify=False)
+
+ def test_verify_precedence_session_false_method_true(self, httpbin_secure):
+ """session.verify=False, method verify=True: method override, should use env var and fail"""
+ INVALID_PATH = "/garbage"
+ with override_environ(requests_ca_bundle=INVALID_PATH):
+ session = requests.Session()
+ session.verify = False
+ with pytest.raises(IOError) as e:
+ session.get(httpbin_secure(), verify=True)
+ assert "Could not find a suitable TLS CA certificate bundle" in str(e.value)
+
+ def test_verify_precedence_session_false_method_none(self, httpbin_secure):
+ """session.verify=False, method verify=None: session wins, should succeed"""
+ INVALID_PATH = "/garbage"
+ with override_environ(requests_ca_bundle=INVALID_PATH):
+ session = requests.Session()
+ session.verify = False
+ # Should succeed - session.verify=False should be respected
+ session.get(httpbin_secure())
+
+ def test_verify_precedence_session_false_method_false(self, httpbin_secure):
+ """session.verify=False, method verify=False: both false, should succeed"""
+ INVALID_PATH = "/garbage"
+ with override_environ(requests_ca_bundle=INVALID_PATH):
+ session = requests.Session()
+ session.verify = False
+ # Should succeed - both say False
+ session.get(httpbin_secure(), verify=False)
+
 def test_invalid_ssl_certificate_files(self, httpbin_secure):
 INVALID_PATH = "/garbage"
 with pytest.raises(IOError) as e:
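Review bot: The three `test_verify_precedence_session_none_*` tests never assign `session.verify = None`; two of them rely on the comments `# session.verify defaults to None` and `# Both default to None` instead. As far as I know a fresh `requests.Session()` starts with `verify = True`, in which case these tests repeat the `session_true_*` cases and the `effective_verify is None` branch in sessions.py is never exercised. Set the value explicitly with `session.verify = None` right after `session = requests.Session()` in those three tests and drop the two comments. The nine cases also differ only in two values and the expected outcome, so a single `pytest.mark.parametrize` over (session verify, call verify, should fail) would be easier to audit.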