CVE-2026-5444: CWE-190 Integer Overflow or Wraparound in Orthanc DICOM Server
CVE-2026-5444 is a heap buffer overflow vulnerability in the Orthanc DICOM Server's PAM image parsing logic. The vulnerability arises when processing a crafted PAM image embedded in a DICOM file, where image dimensions are multiplied using 32-bit unsigned arithmetic. This can cause an integer overflow during buffer size calculation, leading to allocation of a smaller buffer than needed and subsequent buffer overflow during pixel processing. No CVSS score or official remediation details are currently available.
AI Analysis
Technical Summary
This vulnerability involves an integer overflow (CWE-190) in the Orthanc DICOM Server when parsing PAM images embedded within DICOM files. The multiplication of image dimensions using 32-bit unsigned arithmetic can overflow, causing the server to allocate insufficient buffer space. This results in a heap buffer overflow during pixel data processing, potentially leading to memory corruption or application instability. The vulnerability is documented under CVE-2026-5444 with no known exploits in the wild and no confirmed patch or remediation at this time.
Potential Impact
Successful exploitation could cause a heap buffer overflow in the Orthanc DICOM Server, potentially leading to memory corruption, application crashes, or other undefined behavior. No confirmed reports of exploitation in the wild exist. The exact impact depends on the attacker's ability to supply a crafted PAM image within a DICOM file to the vulnerable server.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory at https://kb.cert.org/vuls/id/536588 for current remediation guidance. Until an official fix is available, avoid processing untrusted or malformed PAM images embedded in DICOM files to reduce risk.
CVE-2026-5444: CWE-190 Integer Overflow or Wraparound in Orthanc DICOM Server
Description
CVE-2026-5444 is a heap buffer overflow vulnerability in the Orthanc DICOM Server's PAM image parsing logic. The vulnerability arises when processing a crafted PAM image embedded in a DICOM file, where image dimensions are multiplied using 32-bit unsigned arithmetic. This can cause an integer overflow during buffer size calculation, leading to allocation of a smaller buffer than needed and subsequent buffer overflow during pixel processing. No CVSS score or official remediation details are currently available.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability involves an integer overflow (CWE-190) in the Orthanc DICOM Server when parsing PAM images embedded within DICOM files. The multiplication of image dimensions using 32-bit unsigned arithmetic can overflow, causing the server to allocate insufficient buffer space. This results in a heap buffer overflow during pixel data processing, potentially leading to memory corruption or application instability. The vulnerability is documented under CVE-2026-5444 with no known exploits in the wild and no confirmed patch or remediation at this time.
Potential Impact
Successful exploitation could cause a heap buffer overflow in the Orthanc DICOM Server, potentially leading to memory corruption, application crashes, or other undefined behavior. No confirmed reports of exploitation in the wild exist. The exact impact depends on the attacker's ability to supply a crafted PAM image within a DICOM file to the vulnerable server.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory at https://kb.cert.org/vuls/id/536588 for current remediation guidance. Until an official fix is available, avoid processing untrusted or malformed PAM images embedded in DICOM files to reduce risk.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- certcc
- Date Reserved
- 2026-04-02T19:23:20.072Z
- Cvss Version
- null
- State
- PUBLISHED
- Remediation Level
- null
- Vendor Advisory Urls
- [{"url":"https://kb.cert.org/vuls/id/536588","vendor":"CERT"}]
Threat ID: 69d7bcce1cc7ad14dad7b6ff
Added to database: 4/9/2026, 2:50:54 PM
Last enriched: 4/9/2026, 3:05:55 PM
Last updated: 4/9/2026, 3:55:07 PM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.