Orthanc DICOM Server Heap Buffer Overflow & DoS Vulnerabilities (CVE-2026-5437 to 5445)

Vulnerability Summary: Multiple Heap Buffer Overflow Vulnerabilities in Orthanc DICOM Server Vulnerability Overview Multiple security vulnerabilities have been identified in Orthanc DICOM Server versions 1.12.10 and earlier. These vulnerabilities primarily involve heap buffer overflows, out-of-bounds reads, and resource exhaustion. Exploitation of these vulnerabilities by attackers can lead to server crashes, memory content leakage, and even arbitrary code execution. Affected Scope Affected Software: Orthanc DICOM Server (Versions 1.12.10 and earlier) Key Vulnerability Details (CVE IDs): CVE-2026-5437: Out-of-bounds read vulnerability in . CVE-2026-5438: Gzip decompression bomb vulnerability (memory exhaustion). CVE-2026-5439: Memory exhaustion vulnerability in ZIP archive processing. CVE-2026-5440: Memory exhaustion caused by improper handling of the header. CVE-2026-5441: Out-of-bounds read in the function within . CVE-2026-5442: Heap buffer overflow in image decoding (VR Unsigned Long vs Unsigned Short). CVE-2026-5443: Heap buffer overflow in decoding. CVE-2026-5444: Heap buffer overflow in PAM image parsing logic. CVE-2026-5445: Out-of-bounds read in the function. Potential Impact: Remote Code Execution (RCE) Denial of Service (DoS) Information Disclosure Memory Corruption Remediation Upgrade Version: The vendor has released version 1.12.11 to patch the aforementioned vulnerabilities. Users are strongly advised to upgrade as soon as possible. Configuration Recommendations: Administrators should review deployment configurations to restrict the scope of upload and image processing functionalities, allowing access only to trusted users. Reference Documentation: Please refer to the Orthanc documentation and release notes for patch details and deployment guidance. POC/Exploit Code No executable POC code blocks are directly provided on the page; however, relevant reference links are available pointing to specific security advisories on : Heap Buffer Overflow in PAM Image Buffer Allocation: Heap Buffer Overflow in DICOM Image Decoder via VR UL Dimensions: Heap Buffer Overflow in DICOM Image Decoder (Palette Color Decode): Out-of-Bounds Read in DicomImageDecoder (PMCT_RLE1 Decompression): Out-of-Bounds Read in DicomImageDecoder (DecodeLookupTable): Memory Exhaustion via Unbounded Content-Length: Memory Exhaustion via Forged ZIP Metadata: Gzip Decompression Bomb via Content-Encoding Header: Out-of-Bounds Read in DicomStreamReader:

Goal Reached Thanks to every supporter — we hit 100%!

Orthanc DICOM Server Heap Buffer Overflow & DoS Vulnerabilities (CVE-2026-5437 to 5445)