CVE-2026-2671
Received Received - Intake
Cleartext Data Exposure in Mendi BLE Handler via Local Attack

Publication date: 2026-03-07

Last updated on: 2026-03-07

Assigner: VulDB

Description
A vulnerability was detected in Mendi Neurofeedback Headset V4. Affected by this vulnerability is an unknown functionality of the component Bluetooth Low Energy Handler. Performing a manipulation results in cleartext transmission of sensitive information. The attack can only be performed from the local network. The attack's complexity is rated as high. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-07
Last Modified
2026-03-07
Generated
2026-06-16
AI Q&A
2026-03-07
EPSS Evaluated
2026-06-15
NVD
CVE-2026-2671
EUVD
EUVD-2026-10185
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
mendi_innovation_ab mendi_neurofeedback_headset 4
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-310 Cryptographic Issues
CWE-319 The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

I don't know

Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2026-2671 is a vulnerability in the Mendi Innovation AB Mendi V4 neurofeedback headset involving the Bluetooth Low Energy (BLE) communication. The device transmits sensitive neural activity data, specifically functional near-infrared spectroscopy (fNIRS) sensor data, in cleartext without encryption or secure pairing.'}, {'type': 'paragraph', 'content': "This means that an attacker within BLE radio range can passively intercept these transmissions without needing to pair, authenticate, or actively probe the device. The intercepted data can be decoded to reconstruct the user's brain activity signals in real time, without the user's knowledge or consent."}, {'type': 'paragraph', 'content': 'The vulnerability arises from the lack of secure BLE pairing mechanisms and absence of application-layer encryption, making the sensitive neural data exposed to anyone nearby capable of monitoring the wireless communication.'}] [1, 2, 3]

Impact Analysis

This vulnerability can impact you by exposing sensitive neural activity data transmitted by the Mendi neurofeedback headset to unauthorized parties within wireless range.

An attacker can passively intercept and decode your brain activity signals without your consent or knowledge, potentially compromising your privacy and confidentiality of sensitive biometric information.

Since the attack leaves no forensic evidence and requires no authentication, it is difficult to detect or attribute, increasing the risk of unnoticed data leakage.

The vulnerability affects confidentiality but does not impact data integrity or availability.

Detection Guidance

This vulnerability involves the cleartext transmission of sensitive neural activity data over Bluetooth Low Energy (BLE) without encryption, allowing passive interception by attackers within BLE radio range.

Detection can be performed by monitoring BLE traffic using common wireless analysis tools such as the Nordic nRF Sniffer or a modified smartphone configured for BLE packet capture.

Since the data is transmitted unencrypted and without pairing or authentication, passive sniffing of BLE packets on the 2.4 GHz ISM band can reveal the sensitive data streams.

  • Use Nordic nRF Sniffer to capture BLE packets around the device.
  • Use a BLE packet capture app on a modified smartphone to monitor BLE transmissions.
  • Analyze captured BLE packets for cleartext functional near-infrared spectroscopy (fNIRS) sensor data or neural activity signals.
Mitigation Strategies

No known mitigations or countermeasures currently exist for this vulnerability as the vendor has not responded and the device lacks secure BLE pairing and application-layer encryption.

Immediate steps include limiting physical proximity to the device to reduce BLE radio range exposure and considering replacing the affected Mendi Neurofeedback Headset V4 with an alternative product that implements secure BLE communication.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-2671. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart