CVE-2026-2671
Received Received - Intake

Cleartext Data Exposure in Mendi BLE Handler via Local Attack

Vulnerability report for CVE-2026-2671, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-03-07

Last updated on: 2026-03-07

Assigner: VulDB

Description

A vulnerability was detected in Mendi Neurofeedback Headset V4. Affected by this vulnerability is an unknown functionality of the component Bluetooth Low Energy Handler. Performing a manipulation results in cleartext transmission of sensitive information. The attack can only be performed from the local network. The attack's complexity is rated as high. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-03-07
Last Modified
2026-03-07
Generated
2026-07-06
AI Q&A
2026-03-07
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
mendi_innovation_ab mendi_neurofeedback_headset 4

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-319 The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
CWE-310 Cryptographic Issues

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Detection Guidance

This vulnerability involves the cleartext transmission of sensitive neural activity data over Bluetooth Low Energy (BLE) without encryption, allowing passive interception by attackers within BLE radio range.

Detection can be performed by monitoring BLE traffic using common wireless analysis tools such as the Nordic nRF Sniffer or a modified smartphone configured for BLE packet capture.

Since the data is transmitted unencrypted and without pairing or authentication, passive sniffing of BLE packets on the 2.4 GHz ISM band can reveal the sensitive data streams.

  • Use Nordic nRF Sniffer to capture BLE packets around the device.
  • Use a BLE packet capture app on a modified smartphone to monitor BLE transmissions.
  • Analyze captured BLE packets for cleartext functional near-infrared spectroscopy (fNIRS) sensor data or neural activity signals.
Compliance Impact

I don't know

Mitigation Strategies

No known mitigations or countermeasures currently exist for this vulnerability as the vendor has not responded and the device lacks secure BLE pairing and application-layer encryption.

Immediate steps include limiting physical proximity to the device to reduce BLE radio range exposure and considering replacing the affected Mendi Neurofeedback Headset V4 with an alternative product that implements secure BLE communication.

Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2026-2671 is a vulnerability in the Mendi Innovation AB Mendi V4 neurofeedback headset involving the Bluetooth Low Energy (BLE) communication. The device transmits sensitive neural activity data, specifically functional near-infrared spectroscopy (fNIRS) sensor data, in cleartext without encryption or secure pairing.'}, {'type': 'paragraph', 'content': "This means that an attacker within BLE radio range can passively intercept these transmissions without needing to pair, authenticate, or actively probe the device. The intercepted data can be decoded to reconstruct the user's brain activity signals in real time, without the user's knowledge or consent."}, {'type': 'paragraph', 'content': 'The vulnerability arises from the lack of secure BLE pairing mechanisms and absence of application-layer encryption, making the sensitive neural data exposed to anyone nearby capable of monitoring the wireless communication.'}] [1, 2, 3]

Impact Analysis

This vulnerability can impact you by exposing sensitive neural activity data transmitted by the Mendi neurofeedback headset to unauthorized parties within wireless range.

An attacker can passively intercept and decode your brain activity signals without your consent or knowledge, potentially compromising your privacy and confidentiality of sensitive biometric information.

Since the attack leaves no forensic evidence and requires no authentication, it is difficult to detect or attribute, increasing the risk of unnoticed data leakage.

The vulnerability affects confidentiality but does not impact data integrity or availability.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-2671. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart