Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
2.3
Mendi Neurofeedback Headset V4: Sensitive Info Leaked Over Local Network
CVE-2026-2671
Summary
A security issue in the Mendi Neurofeedback Headset V4 allows attackers on the same network to intercept sensitive information. This could be a concern for users who rely on the headset for personal or sensitive data. We recommend updating to the latest version or contacting the vendor for assistance.
Original title
A vulnerability was detected in Mendi Neurofeedback Headset V4. Affected by this vulnerability is an unknown functionality of the component Bluetooth Low Energy Handler. Performing a manipulation r...
Original description
A vulnerability was detected in Mendi Neurofeedback Headset V4. Affected by this vulnerability is an unknown functionality of the component Bluetooth Low Energy Handler. Performing a manipulation results in cleartext transmission of sensitive information. The attack can only be performed from the local network. The attack's complexity is rated as high. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.
nvd CVSS2.0
1.8
nvd CVSS3.1
3.1
nvd CVSS4.0
2.3
Vulnerability type
CWE-310
CWE-319
Cleartext Transmission of Sensitive Information
Published: 7 Mar 2026 · Updated: 13 Mar 2026 · First seen: 7 Mar 2026