CVE-2025-54486

Critical CVSS: 9.8

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 8824 of biosig.c on the current master branch (35a819fa), when the Tag is 11:

else if (tag==11) //0x0B
{
// Fs
if (len>6) fprintf(stderr,"Warning MFER tag11 incorrect length %i>6\n",len);
double fval;
curPos += ifread(buf,1,len,hdr);

Vendor

Libbiosig Project

Product

Libbiosig

CWE

CWE-121

Yayın Tarihi

2025-08-25 14:15:34

Güncelleme

2025-11-03 19:16:10

Source Identifier

talos-cna@cisco.com

KEV Date Added

Kategoriler

CWE-121 Libbiosig CRITICAL Libbiosig Project 2025

Referanslar

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2234 https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2234

Benzer Kayıtlar

High

CVE-2026-20777

A heap-based buffer overflow vulnerability exists in the Nicolet WFT parsing functionality of The Biosig Project libbios…

Critical

CVE-2026-22891

A heap-based buffer overflow vulnerability exists in the Intan CLP parsing functionality of The Biosig Project libbiosig…

Medium

CVE-2025-64736

An out-of-bounds read vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.2 and Ma…

Critical

CVE-2025-66048

Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbi…

Critical

CVE-2025-66043

Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbi…

Critical

CVE-2025-66044

Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbi…