Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
Libbiosig parsing a specially crafted file can run malicious code
CVE-2026-22891
Summary
A malicious Intan CLP file can cause a security breach, allowing an attacker to execute unauthorized code. This affects libbiosig version 3.9.2 and the latest master branch code. Update to a fixed version to protect against this risk.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| libbiosig_project | libbiosig | 3.9.2 | – |
Original title
A heap-based buffer overflow vulnerability exists in the Intan CLP parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch (db9a9a63). A specially crafted Intan CLP file can l...
Original description
A heap-based buffer overflow vulnerability exists in the Intan CLP parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch (db9a9a63). A specially crafted Intan CLP file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
nvd CVSS3.1
9.8
Vulnerability type
CWE-122
Heap-based Buffer Overflow
- https://talosintelligence.com/vulnerability_reports/TALOS-2026-2361 Exploit Third Party Advisory
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2026-2361 Exploit Third Party Advisory
Published: 3 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026