CVE-2026-5445

Out-of-Bounds Read in DicomImageDecoder (DecodeLookupTable)

CVSS 9.1 CRITICALEPSS 0.7%

Vexday Risk Score

28Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 9.1EPSS 0.7%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

09 Apr 2026Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

An out-of-bounds read vulnerability exists in the `DecodeLookupTable` function within `DicomImageDecoder.cpp`. The lookup-table decoding logic used for `PALETTE COLOR` images does not validate pixel indices against the lookup table size. Crafted images containing indices larger than the palette size cause the decoder to read beyond allocated lookup table memory and expose heap contents in the output image.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Affected products

Orthanc · DICOM Server

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://kb.cert.org/vuls/id/536588 https://www.machinespirits.de/https://www.orthanc-server.com/