Out-of-bounds read in Orthanc - CVE-2026-5441

 


Published: April 9, 2026


Vulnerability identifier: #VU125672
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-5441
CWE-ID: CWE-125
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Orthanc
Affected software:
Orthanc

Detailed vulnerability description

The vulnerability allows a remote attacker to disclose sensitive information.

The vulnerability exists due to an out-of-bounds read in the DecodePsmctRle1 function of DicomImageDecoder.cpp when decoding PMSCT_RLE1 compressed image data. A remote attacker can supply a crafted image with escape markers near the end of the compressed data stream to disclose sensitive information.

Heap data may be exposed through the rendered image output.
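
The bug class described above, as an added example that is not Orthanc's code: a decoder for a toy escape-marker RLE layout constructed here, with the length checks that stop an escape marker near the end of the stream from reading past the input buffer. The marker value, the layout and the name DecodeToyRle are assumptions and do not reproduce the real PMSCT_RLE1 format.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Toy layout constructed for this example (NOT the real PMSCT_RLE1 format):
//   ESC, count, value  -> emit `value` (count + 1) times
//   any other byte     -> emit that byte as a literal
constexpr uint8_t ESC = 0xA5;  // assumed marker value

// Decodes `in` into `out`. Returns false if the stream is truncated inside
// an escape sequence or would expand past maxOut bytes.
bool DecodeToyRle(const uint8_t* in, size_t size, size_t maxOut,
                  std::vector<uint8_t>& out)
{
  out.clear();
  size_t i = 0;
  while (i < size)
  {
    if (in[i] != ESC)
    {
      if (out.size() >= maxOut) return false;  // cap decoded size
      out.push_back(in[i]);
      i += 1;
      continue;
    }
    // An escape needs two operand bytes. Without this check, an ESC in the
    // last one or two positions makes the decoder read in[i + 1] and
    // in[i + 2] beyond the buffer, and the bytes it finds there end up in
    // the decoded pixels.
    if (size - i < 3) return false;
    const size_t repeat = static_cast<size_t>(in[i + 1]) + 1;
    if (repeat > maxOut - out.size()) return false;  // cap decoded size
    out.insert(out.end(), repeat, in[i + 2]);
    i += 3;
  }
  return true;
}
```

Rejecting the whole image on a truncated escape, rather than padding the missing operands, keeps memory that was never part of the input out of the rendered output.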


How to mitigate CVE-2026-5441

Install the security update from the vendor's website.
