CVE-2026-10528

Name: CVE-2026-10528
Description: A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of the file OrthancFramework/Sources/DicomParsing/FromDcmtkBridge.cpp of the component DCMTK Parser. Performing a manipulation results in a stack-based buffer overflow. Attacking locally is a requirement. The exploit has been released to the public and may be used for attacks. The patch is named bae99026ca97. To fix this issue, it is recommended to deploy a patch.
Source: CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs: 1138713

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package | Release                       | Version                              | Status
orthanc (PTS)  | bullseye                      | 1.9.2+really1.9.1+dfsg-1+deb11u1     | vulnerable
               | bullseye (security)           | 1.9.2+really1.9.1+dfsg-1+deb11u2     | vulnerable
               | bookworm, bookworm (security) | 1.10.1+dfsg-2+deb12u1                | vulnerable
               | trixie                        | 1.12.7+dfsg-4                        | vulnerable
               | forky, sid                    | 1.12.11+dfsg-7                       | vulnerable

The information below is based on the following data on fixed versions.

Package | Type   | Release    | Fixed Version | Urgency | Origin | Debian Bugs
orthanc | source | (unstable) | (unfixed)     |         |        | 1138713

Notes

[trixie] - orthanc <no-dsa> (Minor issue)
[bookworm] - orthanc <no-dsa> (Minor issue)
https://orthanc.uclouvain.be/bugs/show_bug.cgi?id=258
https://orthanc.uclouvain.be/hg/orthanc/rev/bae99026ca97
