JustAppSec
UNKNOWN Severity

CVE-2026-5443

Last updated Apr 09, 2026 · Published Apr 09, 2026

Description

A heap buffer overflow vulnerability exists during the decoding of `PALETTE COLOR` DICOM images. The pixel length validation uses 32-bit multiplication in its width and height calculations. If the result overflows, the validation check incorrectly succeeds, allowing the decoder to read and write memory beyond the allocated buffers.
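The bug class described above (CWE-190), shown as an added example that is not Orthanc's code: a length check whose 32-bit product wraps, beside a version that computes the product in 64 bits. The function names, the one-byte-per-pixel layout, and the sample dimensions are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical flawed check: width * height is evaluated in 32 bits,
 * so the expected size wraps modulo 2^32 before it is compared.
 * Assumes one stored byte per pixel (illustrative layout). */
int length_ok_wrapping(uint32_t width, uint32_t height, uint32_t pixel_len)
{
    uint32_t expected = width * height;   /* wraps silently on overflow */
    return pixel_len == expected;
}

/* Hardened check: widen before multiplying. Two 32-bit operands always
 * fit in a 64-bit product, so the comparison sees the true pixel count. */
int length_ok_checked(uint32_t width, uint32_t height, size_t pixel_len)
{
    uint64_t expected;

    if (width == 0 || height == 0)
        return 0;                          /* no empty images */
    expected = (uint64_t)width * (uint64_t)height;
    return (uint64_t)pixel_len == expected;
}

/* Number of pixels a decoder loop over width x height would touch. */
uint64_t pixels_touched(uint32_t width, uint32_t height)
{
    return (uint64_t)width * (uint64_t)height;
}

int main(void)
{
    /* Constructed sample: 65536 * 65537 = 2^32 + 65536, which wraps to 65536. */
    uint32_t w = 65536u, h = 65537u, supplied = 65536u;

    printf("supplied bytes:   %u\n", (unsigned)supplied);
    printf("pixels to decode: %llu\n", (unsigned long long)pixels_touched(w, h));
    printf("wrapping check:   %s\n", length_ok_wrapping(w, h, supplied) ? "accept" : "reject");
    printf("checked version:  %s\n", length_ok_checked(w, h, supplied) ? "accept" : "reject");
    return 0;
}
```

With the constructed dimensions, the wrapping check accepts a 65536-byte buffer for an image whose decode loop would cover more than four billion pixels, while the widened check rejects it.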

Affected products

1 listed
  • Orthanc:DICOM Server

Mappings

CWE

CWE-190

CAPEC

None listed.


CVE® content © MITRE Corporation. Licensed under the CVE Terms of Use. Terms
