Buffer Overflow Vulnerabilities in Biosig's Parsing Functionality
CVE-2025-66045

9.8CRITICAL

Key Information:

Vendor: The BiOSig Project
Status: LibbiOSig
Vendor: CVE Published:; 11 December 2025

🔔 Create The BiOSig Project Vulnerability Alert

What is CVE-2025-66045?

The MFER parsing functionality of libbiosig version 3.9.1 contains vulnerabilities that may lead to stack-based buffer overflows. An attacker can exploit this by delivering a specially crafted MFER file, potentially resulting in arbitrary code execution upon file processing. It is crucial for users and system administrators to apply necessary updates and security practices to mitigate risks associated with these vulnerabilities.

Affected Version(s)

libbiosig 3.9.1

References

https://talosintelligence.com/vulnerability_reports/TALOS...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 11, 2025
Vulnerability Reserved
Nov 21, 2025

Credit

Discovered by Mark Bereza and Lilith >_> of Cisco Talos.

JSON