Chromium Security Update (MINDBREEZE35671)

ID: MINDBREEZE35671 
Affected Components: Mindbreeze InSpire, Mindbreeze InSpire SaaS 
Severity: 5.4 Medium 
Status: Final 
First published: July 30, 2025 
CVEs: CVE-2025-4096, CVE-2025-4050, CVE-2025-4051, CVE-2025-4052, CVE-2025-4372, CVE-2025-4664, CVE-2025-4609, CVE-2025-5063, CVE-2025-5280, CVE-2025-5064, CVE-2025-5065, CVE-2025-5066, CVE-2025-5281, CVE-2025-5283, CVE-2025-5067, CVE-2025-5419, CVE-2025-5068 

Summary 

• chromium - Component: Heap buffer overflow in HTML.
• chromium - Component: Out of bounds memory access in DevTools.
• chromium - Component: Insufficient data validation in DevTools.
• chromium - Component: Inappropriate implementation in DevTools.
• chromium - Component: Use after free in WebAudio.
• chromium - Component: Insufficient policy enforcement in Loader.
• chromium - Component: Incorrect handle provided in unspecified circumstances in Mojo.
• chromium - Component: Use after free in Compositing.
• chromium - Component: Out of bounds write in V8.
• chromium - Component: Inappropriate implementation in Background Fetch API.
• chromium - Component: Inappropriate implementation in FileSystemAccess API.
• chromium - Component: Inappropriate implementation in Messages.
• chromium - Component: Inappropriate implementation in BFCache.
• chromium - Component: Use after free in libvpx.
• chromium - Component: Inappropriate implementation in Tab Strip.
• chromium - Component: Out of bounds read and write in V8.
• chromium - Component: Use after free in Blink. 

Hotfix Information 

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

• Mindbreeze InSpire 25.4 Release
• Mindbreeze InSpire Saas 25.4 Release