Stack-Based Buffer Overflow in Biosig Project Library by The Biosig Project
CVE-2025-66046

9.8CRITICAL

Key Information:

Vendor: The BiOSig Project
Status: LibbiOSig
Vendor: CVE Published:; 11 December 2025

🔔 Create The BiOSig Project Vulnerability Alert

What is CVE-2025-66046?

The Biosig Project's libbiosig version 3.9.1 is susceptible to multiple stack-based buffer overflow vulnerabilities within its MFER parsing functionality. An attacker can exploit these vulnerabilities by supplying a specially crafted MFER file, which may lead to arbitrary code execution. This allows for potential unauthorized actions and system compromise, highlighting significant security risks associated with the affected library.

Affected Version(s)

libbiosig 3.9.1

References

https://talosintelligence.com/vulnerability_reports/TALOS...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 11, 2025
Vulnerability Reserved
Nov 21, 2025

Credit

Discovered by Mark Bereza and Lilith >_> of Cisco Talos.

JSON