CVE-2026-5443

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published Apr 09, 2026

Vendor unknown

Description

A heap buffer overflow vulnerability exists during the decoding of `PALETTE COLOR` DICOM images. Pixel length validation uses 32-bit multiplication for width and height calculations. If these values overflow, the validation check incorrectly succeeds, allowing the decoder to read and write to memory beyond allocated buffers.

References

https://kb.cert.org/vuls/id/536588
https://www.machinespirits.de/
https://www.orthanc-server.com/