Tika Filter PDF XXE (tika-parser-pdf-module) (MINDBREEZE37225)

ID: MINDBREEZE37225 
Affected Components: Mindbreeze InSpire, Mindbreeze InSpire SaaS 
Severity: Critical 
Status: Final 
First published: September 5, 2025 
CVEs: CVE-2025-54988 

Summary 

CVE-2025-54988: Critical XXE in Apache Tika (tika-parser-pdf-module) 

Hotfix Information 

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

• Mindbreeze InSpire 25.5 HF1 Release
• Mindbreeze InSpire SaaS 25.5 HF1 Release