Expat security update (MINDBREEZE37762)

ID: MINDBREEZE37762 
Affected Components: Mindbreeze InSpire, Mindbreeze InSpire SaaS 
Severity: High 
Status: Final 
First published: December 12, 2025 
CVEs: CVE-2025-59375 

Summary 

libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing. 

Hotfix Information 

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

• Mindbreeze InSpire 25.7 Release
• Mindbreeze InSpire SaaS 25.7 Release