Impact
The vulnerability lies in the DecodeLookupTable function used for Palette Color DICOM images; the function does not validate pixel indices against the size of the lookup table, allowing an attacker to craft a DICOM file with indices that exceed the table bounds. When the server decodes such a file it performs an out-of-bounds read, leaking heap memory contents into the output image. This can expose sensitive data and may serve as a side channel for more advanced attacks. The weakness maps to buffer over-read (CWE-125).
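As an added illustration that is not Orthanc's code, the constructed C below models a Palette Color lookup table decode in the shape the advisory describes: an unchecked variant that indexes the table straight from the stored pixel value, beside a hardened decode that validates every index against the descriptor's entry count and either rejects the image or clamps to the table edges. The struct, function and policy names, the sample table and the sample pixel values are all assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed model of a DICOM Palette Color LUT: the descriptor gives the
 * number of entries and the first pixel value mapped; the entry data follows.
 * Names are assumptions; this is not Orthanc's DecodeLookupTable. */
typedef struct {
    const uint16_t *entries;   /* LUT entry data, widened to 16 bits */
    size_t count;              /* entries actually allocated for the table */
    uint16_t first_mapped;     /* first stored pixel value the LUT maps */
} PaletteLut;

typedef enum { LUT_REJECT = 0, LUT_CLAMP = 1 } OutOfRangePolicy;

/* DICOM descriptor rule: a 0 in the 16-bit "number of entries" field means 65536. */
size_t lut_entries_from_descriptor(uint16_t n_field)
{
    return n_field == 0 ? 65536u : (size_t)n_field;
}

/* Unchecked pattern (the defect class): the index is never compared with
 * lut->count, so any stored pixel value outside
 * [first_mapped, first_mapped + count) reads past the table allocation.
 * Kept only for contrast; never call it on untrusted pixel data. */
void decode_lut_unchecked(const PaletteLut *lut, const uint16_t *pixels,
                          size_t n, uint16_t *out)
{
    for (size_t i = 0; i < n; i++)
        out[i] = lut->entries[pixels[i] - lut->first_mapped];
}

/* Validation pass: how many pixels would index outside the table. */
size_t lut_count_out_of_range(const PaletteLut *lut, const uint16_t *pixels, size_t n)
{
    size_t bad = 0;
    for (size_t i = 0; i < n; i++) {
        uint32_t p = pixels[i];
        if (p < lut->first_mapped || p - lut->first_mapped >= lut->count)
            bad++;
    }
    return bad;
}

/* Hardened decode. Returns 0 on success, -1 when the image is rejected.
 * LUT_REJECT: any out-of-range index rejects the whole image and zeroes out,
 * so no partially decoded buffer is ever returned.
 * LUT_CLAMP: out-of-range values map to the first/last entry (assumed policy;
 * DICOM defines such edge mapping for LUT inputs, verify it for your IOD). */
int decode_lut_checked(const PaletteLut *lut, const uint16_t *pixels,
                       size_t n, uint16_t *out, OutOfRangePolicy policy)
{
    if (lut->entries == NULL || lut->count == 0)   /* empty table: nothing is safe */
        return -1;
    if (policy == LUT_REJECT && lut_count_out_of_range(lut, pixels, n) != 0) {
        memset(out, 0, n * sizeof *out);
        return -1;
    }
    for (size_t i = 0; i < n; i++) {
        uint32_t p = pixels[i];
        size_t idx;
        if (p < lut->first_mapped)
            idx = 0;
        else if (p - lut->first_mapped >= lut->count)
            idx = lut->count - 1;
        else
            idx = p - lut->first_mapped;
        out[i] = lut->entries[idx];                 /* idx < count is now guaranteed */
    }
    return 0;
}

/* Constructed sample: a 4-entry table starting at pixel value 2, and five
 * stored pixel values of which 1 and 9 fall outside the mapped range. */
static const uint16_t kSampleEntries[4] = {100, 200, 300, 400};
static const PaletteLut kSampleLut = { kSampleEntries, 4, 2 };
static const uint16_t kSamplePixels[5] = {2, 3, 5, 1, 9};

/* Runs the sample through both policies; returns 1 if every result matches. */
int lut_selftest(void)
{
    uint16_t out[5];
    static const uint16_t want[5] = {100, 200, 400, 100, 400};
    if (lut_count_out_of_range(&kSampleLut, kSamplePixels, 5) != 2) return 0;
    if (decode_lut_checked(&kSampleLut, kSamplePixels, 5, out, LUT_REJECT) != -1) return 0;
    for (int i = 0; i < 5; i++)
        if (out[i] != 0) return 0;                  /* rejected output is zeroed */
    if (decode_lut_checked(&kSampleLut, kSamplePixels, 5, out, LUT_CLAMP) != 0) return 0;
    return memcmp(out, want, sizeof want) == 0;
}
```

The point a reviewer would check in a real decoder is that the bound used for the comparison is the number of entries actually allocated (derived from the descriptor and checked against the LUT Data element length), not a value trusted from elsewhere in the file; rejecting the image is the conservative choice for a server, while clamping preserves rendering at the cost of silently accepting malformed input.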
Affected Systems
Orthanc DICOM Server is the affected product. No specific affected version list is provided, so any release containing the vulnerable DecodeLookupTable implementation may be at risk. Users should consult the Orthanc changelog or security advisories for confirmation of a fix.
Risk and Exploitability
The CVSS base score of 9.1 denotes a high-severity issue that can lead to information disclosure. The EPSS score of below 1% indicates a low probability of exploitation in the wild, and the vulnerability is not listed in CISA's KEV catalog. The flaw is triggered by a maliciously crafted DICOM file sent to the server, so the attack vector is most likely network-based, from a client that transmits such a file. No privileged host access is required, making exploitation straightforward once the file reaches the server.
OpenCVE Enrichment