Description

An out-of-bounds read vulnerability exists in `DicomStreamReader` during DICOM meta-header parsing. When processing malformed metadata structures, the parser may read beyond the bounds of the allocated metadata buffer. Although this issue does not typically crash the server or expose data directly to the attacker, it reflects insufficient input validation in the parsing logic.

PUBLISHED Reserved 2026-04-02 | Published 2026-04-09 | Updated 2026-04-14 | Assigner certcc

Problem types

CWE-125 Out-of-bounds Read

Product status

Any version: affected

References

www.orthanc-server.com/

www.machinespirits.de/

kb.cert.org/vuls/id/536588

cve.org (CVE-2026-5437)

nvd.nist.gov (CVE-2026-5437)
