Skip to main content

Orthanc CVE-2025-15581

Improper Authentication (CWE-287)
2026-02-18 ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:55 vuln.today
CVE Published
Feb 18, 2026 - 23:16 nvd
N/A

DescriptionCVE.org

Orthanc versions before 1.12.10 are affected by an authorisation logic flaw in the application's HTTP Basic Authentication implementation.

Successful exploitation could result in Privilege Escalation, potentially allowing full administrative access.

AnalysisAI

Orthanc versions before 1.12.10 are affected by an authorisation logic flaw in the application's HTTP Basic Authentication implementation. Successful exploitation could result in Privilege Escalation, potentially allowing full administrative access.

Technical ContextAI

Classified as CWE-287 (Improper Authentication). Affects Orthanc. Orthanc versions before 1.12.10 are affected by an authorisation logic flaw in the application's HTTP Basic Authentication implementation.

Successful exploitation could result in Privilege Escalation, potentially allowing full administrative access.

Affected ProductsAI

Product: Orthanc. Versions: up to 1.12.10.

RemediationAI

Monitor vendor advisories for a patch.

Share

CVE-2025-15581 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy