CVE-2026-10528— Orthanc DICOM Server DCMTK FromDcmtkBridge.cpp read stack-based overflow
Possible ATT&CK Techniques 1AI
T1203 · Exploitation for Client ExecutionGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-10528
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Orthanc DICOM Server DCMTK FromDcmtkBridge.cpp read stack-based overflow
Source: NVD (National Vulnerability Database)
Vulnerability Description
A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of the file OrthancFramework/Sources/DicomParsing/FromDcmtkBridge.cpp of the component DCMTK Parser. Performing a manipulation results in stack-based buffer overflow. Attacking locally is a requirement. The exploit has been released to the public and may be used for attacks. The patch is named bae99026ca97. To fix this issue, it is recommended to deploy a patch.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
栈缓冲区溢出
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Orthanc | DICOM Server | 1.12.0 | cpe:2.3:a:orthanc:dicom_server:*:*:*:*:*:*:*:* |
II. Public POCs for CVE-2026-10528
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-10528
请登录查看更多情报信息。
Patches & Fixes for CVE-2026-10528 (1)
Vendor Advisories for CVE-2026-10528 (1)
Other References for CVE-2026-10528 (1)
Other References for CVE-2026-10528 (1)
IV. Related Vulnerabilities
Same product: DICOM Server
- CVE-2026-5439
Memory Exhaustion via Forged ZIP Metadata - CVE-2026-5437
Out-of-Bounds Read in DicomStreamReader - CVE-2026-5438
Gzip Decompression Bomb via Content-Encoding Header - CVE-2026-5440
Memory Exhaustion via Unbounded Content-Length - CVE-2026-5442
Heap Buffer Overflow in DICOM Image Decoder via VR UL Dimens
Same vendor: Orthanc
- CVE-2026-10173
Orthanc Explorer 2 URL StudyList.vue cross site scripting - CVE-2026-5439
Memory Exhaustion via Forged ZIP Metadata - CVE-2026-5437
Out-of-Bounds Read in DicomStreamReader - CVE-2026-5438
Gzip Decompression Bomb via Content-Encoding Header - CVE-2026-5440
Memory Exhaustion via Unbounded Content-Length
Same weakness: CWE-121
- CVE-2026-24085
Stack-based Buffer Overflow in Display - CVE-2025-59613
Stack-based Buffer Overflow in Windows Compute - CVE-2025-59612
Stack-based Buffer Overflow in Windows Compute - CVE-2026-10293
UTT HiPER 1200GW formFireWall strcpy stack-based overflow - CVE-2018-25427
Arm Whois 3.11 Buffer Overflow via SEH Overwrite
V. Comments for CVE-2026-10528
No comments yet