Description
An out-of-bounds read vulnerability exists in `DicomStreamReader` during DICOM meta-header parsing. When processing malformed metadata structures, the parser may read beyond the bounds of the allocated metadata buffer. Although this issue does not typically crash the server or expose data directly to the attacker, it reflects insufficient input validation in the parsing logic.
Published: 2026-04-09
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Out-of-Bounds Read
Action: Apply Patch
AI Analysis

Impact

An out-of-bounds read occurs while parsing DICOM meta-headers in the DicomStreamReader component. The reader may access memory beyond the allocated buffer when it encounters malformed metadata structures. This defect does not necessarily crash the server or expose sensitive data directly, but it indicates insufficient input validation and could potentially lead to memory disclosure or unexpected behavior if the attacker can observe the data returned from the over-read.

Affected Systems

The vulnerability affects the Orthanc DICOM Server. The vendor product is listed as Orthanc:DICOM Server. Specific affected versions are not disclosed in the provided information; therefore, any deployment of Orthanc that includes the DicomStreamReader module may be susceptible. No further version granularity is given.

Risk and Exploitability

The CVSS score of 7.5 indicates a high severity, while the EPSS score of less than 1% suggests that exploitation is currently uncommon. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog. The likely attack vector is remote: an attacker sends a crafted DICOM file over the network to trigger the out-of-bounds read during parsing. Because the flaw is a read beyond the buffer bounds, the only precondition for exploitation is delivery of malformed DICOM metadata to the parser, which a remote attacker could achieve.

Generated by OpenCVE AI on April 16, 2026 at 09:14 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Orthanc patch once released.
  • If a patch is not yet available, isolate the Orthanc instance or block inbound DICOM traffic externally until the fix is applied.
  • Validate and sanitize all incoming DICOM files before they reach the parser, to reduce malformed input risks.
  • Monitor server logs for anomalous parsing errors that may indicate attempted exploitation.
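As an added illustration of the input validation the description calls for (this is not Orthanc's DicomStreamReader and not code from this advisory), the reader below parses the DICOM Part 10 meta-header (128-byte preamble, "DICM" magic, then group 0002 elements in explicit VR little endian) and checks every declared length against the bytes that actually remain, so a malformed header is rejected instead of being read past its buffer. The function names `parseMetaHeader`, `buildSample` and `checkSample`, the status enum and the sample bytes are all constructed here for the example.

```cpp
// Added illustration: a bounds-checked reader for the DICOM Part 10 meta-header
// (128-byte preamble, "DICM" magic, then group 0002 elements in explicit VR little
// endian). This is not Orthanc's DicomStreamReader; it shows the checks such a
// parser needs so that malformed metadata is rejected rather than over-read.
#include <cstdint>
#include <cstring>
#include <map>
#include <string>
#include <utility>
#include <vector>

enum class MetaStatus { Ok, TooShort, BadMagic, Truncated, BadLength };

struct MetaElement {
    std::string vr;
    std::vector<uint8_t> value;
};

struct MetaHeader {
    MetaStatus status = MetaStatus::Ok;
    std::map<uint32_t, MetaElement> elements;  // key: (group << 16) | element
    size_t bytesConsumed = 0;                  // offset at which the main data set begins
};

static uint16_t le16(const uint8_t* p) { return static_cast<uint16_t>(p[0] | (p[1] << 8)); }
static uint32_t le32(const uint8_t* p) {
    return static_cast<uint32_t>(p[0]) | (static_cast<uint32_t>(p[1]) << 8) |
           (static_cast<uint32_t>(p[2]) << 16) | (static_cast<uint32_t>(p[3]) << 24);
}

// Every read is preceded by a check against the bytes that remain (buf.size() - pos),
// so a declared length larger than the buffer fails the parse instead of reading past it.
MetaHeader parseMetaHeader(const std::vector<uint8_t>& buf) {
    MetaHeader h;
    constexpr size_t kPreamble = 128;
    if (buf.size() < kPreamble + 4) { h.status = MetaStatus::TooShort; return h; }
    if (std::memcmp(buf.data() + kPreamble, "DICM", 4) != 0) { h.status = MetaStatus::BadMagic; return h; }

    size_t pos = kPreamble + 4;
    while (pos < buf.size()) {
        if (buf.size() - pos < 6) { h.status = MetaStatus::Truncated; break; }  // tag (4) + VR (2)
        const uint16_t group = le16(&buf[pos]);
        const uint16_t element = le16(&buf[pos + 2]);
        if (group != 0x0002) break;  // first non-meta element: the meta-header ends here
        const std::string vr(reinterpret_cast<const char*>(&buf[pos + 4]), 2);
        pos += 6;

        uint32_t length = 0;
        if (vr == "OB" || vr == "OW" || vr == "SQ" || vr == "UN" || vr == "UT") {
            if (buf.size() - pos < 6) { h.status = MetaStatus::Truncated; break; }  // 2 reserved + 4 length
            length = le32(&buf[pos + 2]);
            pos += 6;
        } else {
            if (buf.size() - pos < 2) { h.status = MetaStatus::Truncated; break; }  // 2-byte length
            length = le16(&buf[pos]);
            pos += 2;
        }
        // Undefined length (0xFFFFFFFF) is not allowed in the meta-header, and the value must
        // fit in what remains. Compare against the remainder rather than computing pos + length.
        if (length == 0xFFFFFFFFu || length > buf.size() - pos) { h.status = MetaStatus::BadLength; break; }
        MetaElement e{vr, std::vector<uint8_t>(buf.begin() + pos, buf.begin() + pos + length)};
        h.elements[(static_cast<uint32_t>(group) << 16) | element] = std::move(e);
        pos += length;
    }
    h.bytesConsumed = pos;
    return h;
}

// ---- constructed sample input (not a real file) ----
static void put16(std::vector<uint8_t>& v, uint16_t x) {
    v.push_back(static_cast<uint8_t>(x & 0xFF));
    v.push_back(static_cast<uint8_t>(x >> 8));
}

// Preamble, "DICM", (0002,0010) Transfer Syntax UID, then a (0008,0005) element that starts
// the data set. declaredLen (if nonzero) replaces the UID's real length to simulate a
// malformed header; truncateTo (if nonzero) cuts the buffer short.
std::vector<uint8_t> buildSample(uint16_t declaredLen = 0, size_t truncateTo = 0) {
    std::vector<uint8_t> v(128, 0);
    const char magic[] = "DICM";
    v.insert(v.end(), magic, magic + 4);
    const std::string uid("1.2.840.10008.1.2.1\0", 20);  // NUL-padded to an even length
    put16(v, 0x0002); put16(v, 0x0010); v.push_back('U'); v.push_back('I');
    put16(v, declaredLen ? declaredLen : static_cast<uint16_t>(uid.size()));
    v.insert(v.end(), uid.begin(), uid.end());
    const std::string cs = "ISO_IR 100";  // 10 bytes
    put16(v, 0x0008); put16(v, 0x0005); v.push_back('C'); v.push_back('S');
    put16(v, static_cast<uint16_t>(cs.size()));
    v.insert(v.end(), cs.begin(), cs.end());
    if (truncateTo != 0 && truncateTo < v.size()) v.resize(truncateTo);
    return v;
}

// Convenience wrapper: parse a constructed sample and return only its status.
MetaStatus checkSample(uint16_t declaredLen = 0, size_t truncateTo = 0) {
    return parseMetaHeader(buildSample(declaredLen, truncateTo)).status;
}
```

`checkSample()` returns `MetaStatus::Ok` for the well-formed sample, `checkSample(0xFFFF)` returns `BadLength` because the declared UID length exceeds the remaining bytes, and `checkSample(0, 136)` returns `Truncated` because the buffer ends inside an element header. The design point is the comparison `length > buf.size() - pos`: it is computed on the remainder, never on `pos + length`, so an attacker-controlled length cannot push the cursor past the buffer.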

Advisories

No advisories yet.

History

Thu, 16 Apr 2026 03:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-119

Wed, 15 Apr 2026 20:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-119

Wed, 15 Apr 2026 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Orthanc-server
Orthanc-server orthanc
Weaknesses CWE-125
CPEs cpe:2.3:a:orthanc-server:orthanc:*:*:*:*:*:*:*:*
Vendors & Products Orthanc-server
Orthanc-server orthanc

Wed, 15 Apr 2026 16:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-125

Tue, 14 Apr 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 10 Apr 2026 10:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-125

Fri, 10 Apr 2026 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Orthanc
Orthanc dicom Server
Vendors & Products Orthanc
Orthanc dicom Server

Thu, 09 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
Description An out-of-bounds read vulnerability exists in `DicomStreamReader` during DICOM meta-header parsing. When processing malformed metadata structures, the parser may read beyond the bounds of the allocated metadata buffer. Although this issue does not typically crash the server or expose data directly to the attacker, it reflects insufficient input validation in the parsing logic.
Title Out-of-Bounds Read in DicomStreamReader
References

MITRE

Status: PUBLISHED

Assigner: certcc

Published:

Updated: 2026-04-14T16:34:20.487Z

Reserved: 2026-04-02T19:21:45.325Z

Link: CVE-2026-5437

Vulnrichment

Updated: 2026-04-14T15:13:47.460Z

NVD

Status : Analyzed

Published: 2026-04-09T15:16:15.093

Modified: 2026-04-15T19:14:31.573

Link: CVE-2026-5437

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T09:15:30Z

Weaknesses