CVE-2026-10528 | Orthanc DICOM Server up to 1.12.11 DCMTK Parser FromDcmtkBridge.cpp DcmItem::read stack-based overflow (Bug 258 / bae99026ca97)

Inserito da Angelo Barbosa | Giu 1, 2026 | CVE

A vulnerability identified as problematic has been detected in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of the file OrthancFramework/Sources/DicomParsing/FromDcmtkBridge.cpp of the component DCMTK Parser. Performing a manipulation results in stack-based buffer overflow.

This vulnerability is known as CVE-2026-10528. Attacking locally is a requirement. Furthermore, an exploit is available.

To fix this issue, it is recommended to deploy a patch.

CVE-2026-10528 | Orthanc DICOM Server up to 1.12.11 DCMTK Parser FromDcmtkBridge.cpp DcmItem::read stack-based overflow (Bug 258 / bae99026ca97)

Post correlati

CVE-2026-31430 | Linux Kernel up to 6.6.134/6.12.81/6.18.22/6.19.12 X.509 Certificate out-of-bounds

CVE-2024-32757 | Johnson Controls Illustra Essentials Gen 4 up to 4.01.02.10.5982 log file (icsa-24-179-06)

CVE-2024-6593 | WatchGuard Authentication Gateway up to 12.10.2 on Windows Management Command authorization (wgsa-2024-00015)

CVE-2025-54548 | Arista DANZ Monitoring Fabric information disclosure