Libbiosig
CVE-2026-22891
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
A heap-based buffer overflow vulnerability exists in the Intan CLP parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch (db9a9a63). A specially crafted Intan CLP file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
AnalysisAI
Heap overflow in libbiosig 3.9.2 Intan CLP parsing. PoC available.
Technical ContextAI
CWE-122 heap-based buffer overflow.
RemediationAI
Update libbiosig.
An integer overflow vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.0 and Mast
A double-free vulnerability exists in the BrainVision ASCII Header Parsing functionality of The Biosig Project libbiosig
An out-of-bounds write vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0
An integer underflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 an
A use-after-free vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Ma
An out-of-bounds write vulnerability exists in the BrainVisionMarker Parsing functionality of The Biosig Project libbios
A double-free vulnerability exists in the BrainVision Header Parsing functionality of The Biosig Project libbiosig Maste
An integer overflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and
A heap-based buffer overflow vulnerability exists in the .egi parsing functionality of The Biosig Project libbiosig 2.5.
Arbitrary code execution in libbiosig 3.9.2 and Master Branch can be triggered by parsing malicious Nicolet WFT files th
An out-of-bounds read vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.2 and Ma
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9
Same weakness CWE-122 – Heap-based Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today