A security vulnerability has been detected in DCMTK up to 3.6.5. Rated low severity (CVSS 1.9), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was detected in DCMTK up to 3.6.7. Rated low severity (CVSS 1.9), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Unauthorized data modification in Oracle Java SE, GraalVM for JDK, and GraalVM Enterprise Edition allows remote unauthenticated attackers to alter sensitive data through APIs and multiple protocols via difficult-to-exploit integrity bypass. Affected versions include Java SE 21.0.8 and 25, GraalVM for JDK 21.0.8, and GraalVM Enterprise Edition 21.3.15. The vulnerability carries a low EPSS score (0.03%, 10th percentile) and no active exploitation has been identified, indicating limited real-world priority despite network accessibility.