Skip to main content

Dicom Server

9 CVEs product

Monthly

CVE-2026-5439 HIGH This Week

Memory exhaustion in Orthanc DICOM Server versions ≤1.12.10 allows remote attackers to trigger denial of service by uploading specially crafted ZIP archives with forged uncompressed size metadata. The server allocates excessive memory buffers based on untrusted size fields during automatic extraction, enabling resource exhaustion attacks without authentication (CVSS:3.1 AV:N/AC:L/PR:N). EPSS probability of 0.02% (4th percentile) indicates low likelihood of imminent exploitation, with no public exploit identified at time of analysis.

Denial Of Service Dicom Server
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-5437 HIGH This Week

Out-of-bounds read in Orthanc DICOM Server's DicomStreamReader allows remote unauthenticated attackers to trigger denial-of-service conditions via malformed DICOM meta-header structures. CVSS 7.5 (High) with network attack vector and low complexity, requiring no privileges or user interaction. EPSS score of 0.01% (3rd percentile) indicates minimal observed exploitation activity. No confirmed active exploitation (CISA KEV) or public exploit code identified at time of analysis, though CERT/CC coordination (VU#536588) suggests coordinated disclosure process.

Buffer Overflow Information Disclosure Dicom Server
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-5438 HIGH This Week

Memory exhaustion in Orthanc DICOM Server ≤1.12.10 allows unauthenticated remote attackers to trigger denial-of-service via gzip decompression bombs in HTTP requests. Attackers send maliciously crafted gzip-compressed payloads with inflated decompression metadata, forcing the server to allocate unbounded memory and crash. EPSS score of 0.02% (4th percentile) indicates low observed exploitation probability. No active exploitation confirmed (not in CISA KEV), and no public exploit code identified at time of analysis. CVSS 7.5 reflects network-reachable, low-complexity attack requiring no authentication, but impact limited to availability only.

Denial Of Service Dicom Server
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-5440 HIGH This Week

Memory exhaustion in Orthanc DICOM Server versions up to 1.12.10 allows remote unauthenticated attackers to crash the service by sending HTTP requests with excessively large Content-Length header values. The server allocates memory based on the header without validation, enabling denial-of-service without transmitting actual payload data. EPSS score of 0.02% (6th percentile) indicates low observed exploitation probability, and no active exploitation or public POC has been identified at time of analysis.

Denial Of Service Dicom Server
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-5442 CRITICAL Act Now

Heap buffer overflow in Orthanc DICOM Server (versions ≤1.12.10) allows unauthenticated remote code execution via malformed DICOM images. Attackers exploit integer overflow during frame size calculation by submitting DICOM files with dimension fields encoded as Unsigned Long (UL) instead of Unsigned Short (US), causing out-of-bounds memory access during image decoding. CVSS 9.8 (Critical) with network-accessible attack vector requiring no authentication or user interaction. EPSS score 2% (percentile 4%) suggests low observed exploitation probability despite critical severity. No confirmed active exploitation (not in CISA KEV) and no public exploit code identified at time of analysis.

Buffer Overflow Memory Corruption Dicom Server
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-5443 CRITICAL Act Now

Heap buffer overflow in Orthanc DICOM Server ≤1.12.10 allows unauthenticated remote attackers to achieve arbitrary code execution by sending specially crafted PALETTE COLOR DICOM images. The flaw stems from integer overflow during 32-bit width×height multiplication in pixel length validation, causing bounds checks to incorrectly pass and enabling out-of-bounds memory read/write operations. CVSS 9.8 critical severity with network attack vector requiring no privileges or user interaction. EPSS exp

Buffer Overflow Memory Corruption Dicom Server
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-5445 CRITICAL Act Now

Out-of-bounds heap read in Orthanc DICOM Server ≤1.12.10 allows unauthenticated remote attackers to extract heap memory contents and potentially crash the server via malformed PALETTE COLOR images. The vulnerability resides in the DecodeLookupTable function, which fails to validate pixel indices against palette size boundaries. With a 9.1 CVSS score but only 0.02% EPSS (4th percentile), the theoretical severity is high but observed real-world exploitation probability remains very low. No active exploitation confirmed (not in CISA KEV), no public exploit code identified at time of analysis.

Buffer Overflow Information Disclosure Dicom Server
NVD VulDB
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-5444 HIGH This Week

Heap buffer overflow in Orthanc DICOM Server (versions ≤1.12.10) allows local attackers to corrupt data or crash the service via maliciously crafted PAM images embedded in DICOM files. The vulnerability stems from integer overflow during buffer size calculation when multiplying image dimensions with 32-bit arithmetic, leading to undersized heap allocation followed by oversized writes during pixel processing. EPSS score of 0.02% (5th percentile) indicates very low observed exploitation probability; no public exploit code or active exploitation confirmed at time of analysis.

Buffer Overflow Memory Corruption Dicom Server
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-5441 HIGH This Week

Out-of-bounds read in Orthanc DICOM Server's Philips PMSCT_RLE1 decompression allows local attackers to leak heap memory into rendered medical images via maliciously crafted DICOM files. Affects versions ≤1.12.10. Requires user interaction (opening crafted file). EPSS 0.02% (4th percentile) indicates minimal real-world exploitation likelihood. No active exploitation or public POC identified at time of analysis. CERT/CC reported (VU#536588).

Buffer Overflow Information Disclosure Dicom Server
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
EPSS 0% CVSS 7.5
HIGH This Week

Memory exhaustion in Orthanc DICOM Server versions ≤1.12.10 allows remote attackers to trigger denial of service by uploading specially crafted ZIP archives with forged uncompressed size metadata. The server allocates excessive memory buffers based on untrusted size fields during automatic extraction, enabling resource exhaustion attacks without authentication (CVSS:3.1 AV:N/AC:L/PR:N). EPSS probability of 0.02% (4th percentile) indicates low likelihood of imminent exploitation, with no public exploit identified at time of analysis.

Denial Of Service Dicom Server
NVD VulDB
EPSS 0% CVSS 7.5
HIGH This Week

Out-of-bounds read in Orthanc DICOM Server's DicomStreamReader allows remote unauthenticated attackers to trigger denial-of-service conditions via malformed DICOM meta-header structures. CVSS 7.5 (High) with network attack vector and low complexity, requiring no privileges or user interaction. EPSS score of 0.01% (3rd percentile) indicates minimal observed exploitation activity. No confirmed active exploitation (CISA KEV) or public exploit code identified at time of analysis, though CERT/CC coordination (VU#536588) suggests coordinated disclosure process.

Buffer Overflow Information Disclosure Dicom Server
NVD VulDB
EPSS 0% CVSS 7.5
HIGH This Week

Memory exhaustion in Orthanc DICOM Server ≤1.12.10 allows unauthenticated remote attackers to trigger denial-of-service via gzip decompression bombs in HTTP requests. Attackers send maliciously crafted gzip-compressed payloads with inflated decompression metadata, forcing the server to allocate unbounded memory and crash. EPSS score of 0.02% (4th percentile) indicates low observed exploitation probability. No active exploitation confirmed (not in CISA KEV), and no public exploit code identified at time of analysis. CVSS 7.5 reflects network-reachable, low-complexity attack requiring no authentication, but impact limited to availability only.

Denial Of Service Dicom Server
NVD VulDB
EPSS 0% CVSS 7.5
HIGH This Week

Memory exhaustion in Orthanc DICOM Server versions up to 1.12.10 allows remote unauthenticated attackers to crash the service by sending HTTP requests with excessively large Content-Length header values. The server allocates memory based on the header without validation, enabling denial-of-service without transmitting actual payload data. EPSS score of 0.02% (6th percentile) indicates low observed exploitation probability, and no active exploitation or public POC has been identified at time of analysis.

Denial Of Service Dicom Server
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL Act Now

Heap buffer overflow in Orthanc DICOM Server (versions ≤1.12.10) allows unauthenticated remote code execution via malformed DICOM images. Attackers exploit integer overflow during frame size calculation by submitting DICOM files with dimension fields encoded as Unsigned Long (UL) instead of Unsigned Short (US), causing out-of-bounds memory access during image decoding. CVSS 9.8 (Critical) with network-accessible attack vector requiring no authentication or user interaction. EPSS score 2% (percentile 4%) suggests low observed exploitation probability despite critical severity. No confirmed active exploitation (not in CISA KEV) and no public exploit code identified at time of analysis.

Buffer Overflow Memory Corruption Dicom Server
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL Act Now

Heap buffer overflow in Orthanc DICOM Server ≤1.12.10 allows unauthenticated remote attackers to achieve arbitrary code execution by sending specially crafted PALETTE COLOR DICOM images. The flaw stems from integer overflow during 32-bit width×height multiplication in pixel length validation, causing bounds checks to incorrectly pass and enabling out-of-bounds memory read/write operations. CVSS 9.8 critical severity with network attack vector requiring no privileges or user interaction. EPSS exp

Buffer Overflow Memory Corruption Dicom Server
NVD VulDB
EPSS 0% CVSS 9.1
CRITICAL Act Now

Out-of-bounds heap read in Orthanc DICOM Server ≤1.12.10 allows unauthenticated remote attackers to extract heap memory contents and potentially crash the server via malformed PALETTE COLOR images. The vulnerability resides in the DecodeLookupTable function, which fails to validate pixel indices against palette size boundaries. With a 9.1 CVSS score but only 0.02% EPSS (4th percentile), the theoretical severity is high but observed real-world exploitation probability remains very low. No active exploitation confirmed (not in CISA KEV), no public exploit code identified at time of analysis.

Buffer Overflow Information Disclosure Dicom Server
NVD VulDB
EPSS 0% CVSS 7.1
HIGH This Week

Heap buffer overflow in Orthanc DICOM Server (versions ≤1.12.10) allows local attackers to corrupt data or crash the service via maliciously crafted PAM images embedded in DICOM files. The vulnerability stems from integer overflow during buffer size calculation when multiplying image dimensions with 32-bit arithmetic, leading to undersized heap allocation followed by oversized writes during pixel processing. EPSS score of 0.02% (5th percentile) indicates very low observed exploitation probability; no public exploit code or active exploitation confirmed at time of analysis.

Buffer Overflow Memory Corruption Dicom Server
NVD VulDB
EPSS 0% CVSS 7.1
HIGH This Week

Out-of-bounds read in Orthanc DICOM Server's Philips PMSCT_RLE1 decompression allows local attackers to leak heap memory into rendered medical images via maliciously crafted DICOM files. Affects versions ≤1.12.10. Requires user interaction (opening crafted file). EPSS 0.02% (4th percentile) indicates minimal real-world exploitation likelihood. No active exploitation or public POC identified at time of analysis. CERT/CC reported (VU#536588).

Buffer Overflow Information Disclosure Dicom Server
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy