Skip to main content

Libbiosig CVE-2026-22891

CRITICAL
Heap-based Buffer Overflow (CWE-122)
2026-03-03 talos-cna@cisco.com
9.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 12, 2026 - 22:05 vuln.today
PoC Detected
Mar 05, 2026 - 18:15 vuln.today
Public exploit code
CVE Published
Mar 03, 2026 - 15:16 nvd
CRITICAL 9.8

DescriptionCVE.org

A heap-based buffer overflow vulnerability exists in the Intan CLP parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch (db9a9a63). A specially crafted Intan CLP file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

AnalysisAI

Heap overflow in libbiosig 3.9.2 Intan CLP parsing. PoC available.

Technical ContextAI

CWE-122 heap-based buffer overflow.

RemediationAI

Update libbiosig.

CVE-2025-53518 CRITICAL POC
9.8 Aug 25

An integer overflow vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.0 and Mast

CVE-2024-23809 CRITICAL POC
9.8 Feb 20

A double-free vulnerability exists in the BrainVision ASCII Header Parsing functionality of The Biosig Project libbiosig

CVE-2024-23606 CRITICAL POC
9.8 Feb 20

An out-of-bounds write vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0

CVE-2024-23313 CRITICAL POC
9.8 Feb 20

An integer underflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 an

CVE-2024-23310 CRITICAL POC
9.8 Feb 20

A use-after-free vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Ma

CVE-2024-23305 CRITICAL POC
9.8 Feb 20

An out-of-bounds write vulnerability exists in the BrainVisionMarker Parsing functionality of The Biosig Project libbios

CVE-2024-22097 CRITICAL POC
9.8 Feb 20

A double-free vulnerability exists in the BrainVision Header Parsing functionality of The Biosig Project libbiosig Maste

CVE-2024-21812 CRITICAL POC
9.8 Feb 20

An integer overflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and

CVE-2024-21795 CRITICAL POC
9.8 Feb 20

A heap-based buffer overflow vulnerability exists in the .egi parsing functionality of The Biosig Project libbiosig 2.5.

CVE-2026-20777 HIGH POC
8.1 Mar 03

Arbitrary code execution in libbiosig 3.9.2 and Master Branch can be triggered by parsing malicious Nicolet WFT files th

CVE-2025-64736 MEDIUM POC
6.1 Mar 03

An out-of-bounds read vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.2 and Ma

CVE-2025-54494 CRITICAL POC
9.8 Aug 25

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9

Share

CVE-2026-22891 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy