Stack-Based Buffer Overflow in Biosig Project Library by Biosig Project
CVE-2025-66044

9.8CRITICAL

Key Information:

Vendor: The BiOSig Project
Status: LibbiOSig
Vendor: CVE Published:; 11 December 2025

🔔 Create The BiOSig Project Vulnerability Alert

What is CVE-2025-66044?

Multiple stack-based buffer overflow vulnerabilities exist in the MFER parsing functionality of the Biosig Project's libbiosig version 3.9.1. These vulnerabilities can be exploited by an attacker through specially crafted MFER files, potentially leading to arbitrary code execution. An untrusted and malformed file can trigger these issues, emphasizing the necessity for robust input validation mechanisms in software handling MFER formats. Users are advised to review their systems promptly and implement necessary patches to safeguard against potential exploitation.

Affected Version(s)

libbiosig 3.9.1

References

https://talosintelligence.com/vulnerability_reports/TALOS...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 11, 2025
Vulnerability Reserved
Nov 21, 2025

Credit

Discovered by Mark Bereza and Lilith >_> of Cisco Talos.

JSON