CVE-2026-5442: CWE-190 Integer Overflow or Wraparound in Orthanc DICOM Server
A heap buffer overflow vulnerability exists in the DICOM image decoder. Dimension fields are encoded using Value Representation (VR) Unsigned Long (UL), instead of the expected VR Unsigned Short (US), which allows extremely large dimensions to be processed. This causes an integer overflow during frame size calculation and results in out-of-bounds memory access during image decoding.
AI Analysis
Technical Summary
The Orthanc DICOM Server contains a heap buffer overflow vulnerability (CVE-2026-5442) due to improper handling of dimension fields in DICOM images. The decoder expects dimensions encoded as VR Unsigned Short but instead processes VR Unsigned Long, enabling extremely large dimension values. This causes an integer overflow during the calculation of frame size, resulting in out-of-bounds memory access during image decoding. This vulnerability can lead to memory corruption with potential for arbitrary code execution or denial of service. The CVSS 3.1 base score is 9.8 (critical), reflecting network attack vector, no privileges required, no user interaction, and high impact on confidentiality, integrity, and availability. No official fix or patch is currently documented, and no known exploits have been reported.
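The advisory describes a classic CWE-190 chain: a dimension field accepted with the wrong, wider VR, then multiplied into a frame size that wraps, then used to size a heap buffer. The C below is an added illustration written for this page; it is not Orthanc's code and does not reproduce the decoder path the advisory refers to. It shows the two defensive layers a DICOM decoder wants: refusing a dimension element whose VR is not US (Rows, Columns, Samples per Pixel and Bits Allocated are all defined as US), and computing the frame size with checked multiplication instead of wrapping 32-bit arithmetic. The `dim_element` struct, the generic frame-size formula (rows × columns × samples per pixel × bytes per sample) and the sample inputs are constructed assumptions, not values from the advisory.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a parsed explicit-VR DICOM element: the two-letter
 * VR as read from the element header, plus the decoded numeric value. */
typedef struct {
    const char *vr;     /* e.g. "US" or "UL" */
    uint32_t    value;
} dim_element;

/* First line of defence: dimension attributes are defined with VR US.
 * Refuse any other VR instead of coercing the wider value, and refuse
 * anything outside the 16-bit range the VR implies. */
bool dim_accept(const dim_element *e, uint16_t *out)
{
    if (strcmp(e->vr, "US") != 0) return false;   /* wrong VR: reject outright */
    if (e->value > UINT16_MAX)     return false;   /* defence in depth */
    *out = (uint16_t)e->value;
    return true;
}

/* Convenience wrapper: the accepted value, or -1 when the element is rejected. */
int dim_accept_or_neg(const char *vr, uint32_t value)
{
    dim_element e = { vr, value };
    uint16_t v;
    return dim_accept(&e, &v) ? (int)v : -1;
}

/* Vulnerable pattern: 32-bit arithmetic wraps silently, so oversized
 * dimensions can produce a small frame size and therefore a small buffer. */
uint32_t frame_size32_unchecked(uint32_t rows, uint32_t cols,
                                uint32_t spp, uint32_t bits_allocated)
{
    return rows * cols * spp * (bits_allocated / 8);
}

/* Second line of defence: every product is formed in 64 bits and rejected
 * when it does not fit the 32-bit size the decoder works with. */
static bool mul32_checked(uint32_t a, uint32_t b, uint32_t *out)
{
    uint64_t p = (uint64_t)a * (uint64_t)b;
    if (p > UINT32_MAX) return false;
    *out = (uint32_t)p;
    return true;
}

bool frame_size32_checked(uint32_t rows, uint32_t cols,
                          uint32_t spp, uint32_t bits_allocated, uint32_t *out)
{
    if (rows == 0 || cols == 0 || spp == 0)        return false;
    if (bits_allocated == 0 || bits_allocated % 8)  return false;  /* byte-aligned samples only */
    uint32_t n;
    if (!mul32_checked(rows, cols, &n))             return false;
    if (!mul32_checked(n, spp, &n))                 return false;
    if (!mul32_checked(n, bits_allocated / 8, &n))  return false;
    *out = n;
    return true;
}

/* Wrapper: the checked frame size, or 0 when the dimensions are rejected. */
uint32_t frame_size32_or_zero(uint32_t rows, uint32_t cols,
                              uint32_t spp, uint32_t bits_allocated)
{
    uint32_t n;
    return frame_size32_checked(rows, cols, spp, bits_allocated, &n) ? n : 0;
}

int main(void)
{
    /* Constructed inputs: a 512x512 RGB 8-bit frame, and oversized dimensions
     * of the kind a UL-encoded field could carry past a US-only parser. */
    printf("512x512x3x8   checked   : %u\n", frame_size32_or_zero(512, 512, 3, 8));
    printf("65536x65537   unchecked : %u (wrapped)\n", frame_size32_unchecked(65536u, 65537u, 1, 8));
    printf("65536x65537   checked   : %u (0 = rejected)\n", frame_size32_or_zero(65536u, 65537u, 1, 8));
    printf("UL 65536 accepted?      : %d (-1 = rejected)\n", dim_accept_or_neg("UL", 65536u));
    return 0;
}
```

The contrast is the point: with the oversized pair the unchecked product wraps to 65536 bytes, which is exactly the kind of under-sized allocation that later turns into an out-of-bounds write during decoding, while the checked path refuses the frame before any buffer is sized. The VR check alone would already have stopped the oversized field, which is why both layers belong in a decoder rather than either on its own.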
Potential Impact
Successful exploitation of this vulnerability can cause heap buffer overflow leading to out-of-bounds memory access. This may allow an attacker to execute arbitrary code, crash the server, or cause denial of service. The critical CVSS score of 9.8 indicates a severe impact on confidentiality, integrity, and availability of the affected system. No known exploits are currently in the wild.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory at https://kb.cert.org/vuls/id/536588 for current remediation guidance. Until an official fix is available, restrict exposure of the Orthanc DICOM Server to untrusted networks and validate or sanitize DICOM images before processing to mitigate risk.
Technical Details
- Data Version: 5.2
- Assigner Short Name: certcc
- Date Reserved: 2026-04-02T19:22:48.196Z
- CVSS Version: null
- State: PUBLISHED
- Remediation Level: null
- Vendor Advisory URLs: https://kb.cert.org/vuls/id/536588 (vendor: CERT)
Threat ID: 69d7bcce1cc7ad14dad7b6f5
Added to database: 4/9/2026, 2:50:54 PM
Last enriched: 4/17/2026, 11:41:12 AM
Last updated: 5/24/2026, 11:26:24 AM