
Libbiosig 3.9.2 and Master Branch: Malicious Files Can Run Unwanted Code

CVE-2026-20777
Summary

Libbiosig, software used for medical equipment data analysis, has a flaw that lets an attacker trick it into running malicious code by supplying a specially crafted file. This could lead to data theft or system compromise. Update to the latest version to fix this issue.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

| Vendor | Product | Affected versions | Fix available |
| --- | --- | --- | --- |
| libbiosig_project | libbiosig | 3.9.2 | – |

Original title
A heap-based buffer overflow vulnerability exists in the Nicolet WFT parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch (db9a9a63). A specially crafted .wft file can lead...
Original description
A heap-based buffer overflow vulnerability exists in the Nicolet WFT parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch (db9a9a63). A specially crafted .wft file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
NVD CVSS 3.1 score: 8.1
Vulnerability type
CWE-122 Heap-based Buffer Overflow
Published: 3 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026