CoreOS Security Update (MINDBREEZE40825)

ID: MINDBREEZE40825 
Affected Components: Mindbreeze InSpire, Mindbreeze InSpire SaaS 
Severity: 7.8 High 
Status: Final 
First published: June 11, 2026 
CVEs: CVE-2025-9820, CVE-2025-68973, CVE-2025-68972, CVE-2025-9615, CVE-2024-25621, CVE-2025-13601, CVE-2025-15224, CVE-2025-15079, CVE-2025-14819, CVE-2025-14017, CVE-2025-14524, CVE-2025-13034, CVE-2025-15467, CVE-2025-69419, CVE-2025-11187, CVE-2025-66199, CVE-2025-68160, CVE-2025-69418, CVE-2025-69420, CVE-2025-69421, CVE-2026-22795, CVE-2026-22796, CVE-2025-15468, CVE-2025-15469 

Summary 

  • gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() 
  • gnupg: Information disclosure and potential arbitrary code execution via out-of-bounds write 
  • gnupg: Signature bypass via form feed character in signed messages 
  • NetworkManager: Inappropriate NetworkManager File Access 
  • containerd: containerd local privilege escalation 
  • glib: Integer overflow in g_escape_uri_string() 
  • curl: libssh key passphrase bypass without agent set 
  • curl: libssh global known_hosts override 
  • curl: OpenSSL partial chain store policy bypass 
  • curl: bearer token leak on cross-protocol redirect 
  • curl: broken TLS options for threaded LDAPS 
  • curl: No QUIC certificate pinning with GnuTLS 
  • openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing 
  • openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing 
  • openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file 
  • openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression 
  • openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter 
  • openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls 
  • openssl: OpenSSL: Denial of Service via malformed TimeStamp Response 
  • openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing 
  • openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing 
  • openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification 
  • openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling 
  • openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation 

 

Hotfix Information 

Fixed with the following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

  • Mindbreeze InSpire 26.1 Release
  • Mindbreeze InSpire SaaS 26.1 Release