Description
An out-of-bounds read vulnerability exists in `DicomStreamReader` during DICOM meta-header parsing. When processing malformed metadata structures, the parser may read beyond the bounds of the allocated metadata buffer. Although this issue does not typically crash the server or expose data directly to the attacker, it reflects insufficient input validation in the parsing logic.
Published: 2026-04-09
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: Information Exposure Potential
Action: Assess
AI Analysis

Impact

An out-of-bounds read vulnerability exists in the DicomStreamReader component of Orthanc during DICOM meta-header parsing. When it encounters malformed metadata structures, the parser can read beyond the end of the allocated metadata buffer, which means an element length taken from the file is trusted without being checked against the bytes actually remaining. The read does not normally crash the server or hand data directly to the attacker, but bytes read past the buffer may end up in parsed values and so leak unintended memory contents; the realistic impact is information disclosure (CWE-125), not code execution.
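As an added illustration (this is not code from Orthanc or from the advisory), the following C++ parser walks a DICOM Part 10 meta-header (128-byte preamble, "DICM" magic, then group 0002 elements in explicit VR little endian) and shows the bounds check that an out-of-bounds read of this kind is missing: the declared value length is compared against the bytes remaining before anything is copied, and the amount by which an unchecked parser would have overrun the buffer is reported. The sample buffers are constructed here for the example; the names parseMetaHeader and sampleMeta are the example's own.

```cpp
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <string>
#include <vector>

// Outcome of parsing the Part 10 meta-header (group 0002).
enum class MetaStatus { Ok, BadPreamble, TruncatedHeader, TruncatedValue };

struct MetaElement {
    uint16_t group;
    uint16_t element;
    std::string vr;
    std::vector<uint8_t> value;
};

static uint16_t rd16(const uint8_t* p) { return uint16_t(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t* p) {
    return uint32_t(p[0]) | (uint32_t(p[1]) << 8) | (uint32_t(p[2]) << 16) | (uint32_t(p[3]) << 24);
}

// VRs that use the 2-byte-reserved + 4-byte-length form in explicit VR encoding.
static bool longLengthVr(const std::string& vr) {
    return vr == "OB" || vr == "OW" || vr == "OF" || vr == "SQ" || vr == "UT" || vr == "UN";
}

// Bounds-checked meta-header parser. Every read of the input is preceded by a
// check that the bytes exist. 'overrun' reports how many bytes past the end an
// unchecked parser trusting the declared length would have read.
MetaStatus parseMetaHeader(const std::vector<uint8_t>& buf,
                           std::vector<MetaElement>& out, size_t& overrun) {
    overrun = 0;
    const size_t n = buf.size();
    if (n < 132 || std::memcmp(&buf[128], "DICM", 4) != 0) return MetaStatus::BadPreamble;
    size_t off = 132;
    while (off < n) {
        if (n - off < 8) return MetaStatus::TruncatedHeader;      // tag(4) + VR(2) + len(2)
        uint16_t group = rd16(&buf[off]);
        if (group != 0x0002) break;                               // end of the meta group
        MetaElement e;
        e.group = group;
        e.element = rd16(&buf[off + 2]);
        e.vr.assign(reinterpret_cast<const char*>(&buf[off + 4]), 2);
        size_t len;
        if (longLengthVr(e.vr)) {
            if (n - off < 12) return MetaStatus::TruncatedHeader; // reserved(2) + len(4)
            len = rd32(&buf[off + 8]);
            off += 12;
        } else {
            len = rd16(&buf[off + 6]);
            off += 8;
        }
        // The unsafe pattern is value.assign(&buf[off], &buf[off] + len) with no
        // check: a declared length larger than the remaining bytes reads past the
        // buffer (CWE-125). Reject the element instead.
        if (len > n - off) {
            overrun = len - (n - off);
            return MetaStatus::TruncatedValue;
        }
        e.value.assign(buf.begin() + off, buf.begin() + off + len);
        off += len;
        out.push_back(std::move(e));
    }
    return MetaStatus::Ok;
}

// Constructed sample: a well-formed meta group with a Transfer Syntax UID, or a
// variant whose UID length field claims 512 bytes while only 20 follow.
std::vector<uint8_t> sampleMeta(bool malformed) {
    std::vector<uint8_t> b(128, 0);                                // preamble
    const char* magic = "DICM";
    b.insert(b.end(), magic, magic + 4);
    // (0002,0001) OB, reserved, len=2, value 00 01 (File Meta Information Version)
    const uint8_t ver[] = {0x02,0x00,0x01,0x00,'O','B',0x00,0x00,0x02,0x00,0x00,0x00,0x00,0x01};
    b.insert(b.end(), ver, ver + sizeof ver);
    // (0002,0010) UI, len=20 (or a bogus 0x0200), "1.2.840.10008.1.2.1" + NUL pad
    uint8_t lenLo = malformed ? 0x00 : 0x14, lenHi = malformed ? 0x02 : 0x00;
    const uint8_t ts[] = {0x02,0x00,0x10,0x00,'U','I',lenLo,lenHi};
    b.insert(b.end(), ts, ts + sizeof ts);
    const char* uid = "1.2.840.10008.1.2.1";
    b.insert(b.end(), uid, uid + 19);
    b.push_back(0x00);
    return b;
}

int main() {
    std::vector<MetaElement> els;
    size_t over = 0;
    MetaStatus s = parseMetaHeader(sampleMeta(true), els, over);
    std::printf("status=%d parsed=%zu overrun=%zu bytes\n", int(s), els.size(), over);
    return 0;
}
```

Run against the well-formed buffer the parser returns Ok with two elements; against the malformed one it stops at the Transfer Syntax UID with TruncatedValue and reports a 492-byte overrun, which is exactly the span an unchecked implementation would have read from whatever follows the buffer in memory.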

Affected Systems

Orthanc DICOM Server is affected. No affected version range has been published, so treat every deployed Orthanc instance as potentially affected until the vendor states which versions contain the fix.

Risk and Exploitability

The very low EPSS score (below 1%) and the absence of this CVE from the CISA KEV catalog indicate no known exploitation. Nevertheless, the flaw is reachable by anyone who can deliver a DICOM file to the server: over the DICOM protocol (a C-STORE to the configured DICOM port) or through the REST API (an HTTP upload to /instances). An attacker would send a file whose meta-header declares an element length larger than the bytes that follow, triggering the out-of-bounds read and potentially pulling adjacent server memory into the parsed values. Because the read does not crash the process, attempts leave little trace; the potential for information disclosure makes this a moderate risk, particularly where sensitive imaging data is handled.

Generated by OpenCVE AI on April 9, 2026 at 16:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check whether a newer Orthanc release or a published patch addresses this issue and upgrade as soon as one is available.
  • While a fix is pending, restrict access to the DICOM port and the REST API to trusted networks and clients.
  • Accept DICOM only from known peers: require authentication on the REST API and register the modalities permitted to send to the DICOM port (in Orthanc, the DicomModalities list together with DicomAlwaysAllowStore controls whether stores from unregistered peers are accepted) rather than accepting stores from any AE title.
  • Monitor for stores or uploads that fail parsing or arrive from unexpected peers; because this read does not crash the server, alerting on crashes alone will not detect attempts.

Advisories

No advisories yet.

History

Fri, 10 Apr 2026 10:00:00 +0000

Type | Values Removed | Values Added
Weaknesses | | CWE-125

Fri, 10 Apr 2026 09:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Orthanc; Orthanc dicom Server
Vendors & Products | | Orthanc; Orthanc dicom Server

Thu, 09 Apr 2026 15:00:00 +0000

Type | Values Removed | Values Added
Description | | An out-of-bounds read vulnerability exists in `DicomStreamReader` during DICOM meta-header parsing. When processing malformed metadata structures, the parser may read beyond the bounds of the allocated metadata buffer. Although this issue does not typically crash the server or expose data directly to the attacker, it reflects insufficient input validation in the parsing logic.
Title | | Out-of-Bounds Read in DicomStreamReader
References

MITRE

Status: PUBLISHED

Assigner: certcc

Published:

Updated: 2026-04-09T14:44:17.972Z

Reserved: 2026-04-02T19:21:45.325Z

Link: CVE-2026-5437

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-04-09T15:16:15.093

Modified: 2026-04-09T15:16:15.093

Link: CVE-2026-5437

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-10T09:32:35Z

Weaknesses