CoreOS Security Update (MINDBREEZE37798)

ID: MINDBREEZE37798
Affected Components: Mindbreeze InSpire, Mindbreeze InSpire SaaS
Severity: 7.5 High
Status: Final
First published: February 5, 2026
CVEs: CVE-2025-9230 CVE-2025-9231 CVE-2025-9232 CVE-2025-10966 CVE-2025-11563 CVE-2025-31133 CVE-2025-52565 CVE-2025-52881

Summary

openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap
openssl: Timing side-channel in SM2 algorithm on 64 bit ARM
openssl: Out-of-bounds read in HTTP client no_proxy handling
curl: Curl missing SFTP host verification with wolfSSH backend
wcurl path traversal with percent-encoded slashes
runc: container escape via 'masked path' abuse due to mount race conditions
runc: container escape with malicious config due to /dev/console mount and related races
runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

Hotfix Information

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS:

Mindbreeze InSpire 25.8 Release
Mindbreeze InSpire SaaS 25.8 Release

CoreOS Security Update (MINDBREEZE37798)

Summary

Social Media

Security

Support

Newsletter

Language