Skip to main content

Mendi Neurofeedback Headset V4. Affected CVE-2026-2671

LOW
Cryptographic Issues (CWE-310)
2026-03-07 cna@vuldb.com
Information Disclosure
2.3
CVSS 4.0

CVSS VectorNVD

CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Adjacent
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

3
CVSS changed
Apr 22, 2026 - 21:37 NVD
3.1 (LOW) 2.3 (LOW)
Analysis Generated
Mar 12, 2026 - 21:55 vuln.today
CVE Published
Mar 07, 2026 - 18:16 nvd
LOW 3.1

DescriptionNVD

A vulnerability was detected in Mendi Neurofeedback Headset V4. Affected by this vulnerability is an unknown functionality of the component Bluetooth Low Energy Handler. Performing a manipulation results in cleartext transmission of sensitive information. The attack can only be performed from the local network. The attack's complexity is rated as high. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

A vulnerability was detected in Mendi Neurofeedback Headset V4. Affected by this vulnerability is an unknown functionality of the component Bluetooth Low Energy Handler. …

Sign in for full analysis, threat intelligence, and remediation guidance.

RemediationAI

During next maintenance window: Apply vendor patches when convenient. Monitor vendor channels for updates.

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

CVE-2026-2671 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy