Vulnerability Details CVE-2026-5441
An out-of-bounds read vulnerability exists in the `DecodePsmctRle1` function of `DicomImageDecoder.cpp`. The `PMSCT_RLE1` decompression routine, which decodes the proprietary Philips Compression format, does not properly validate escape markers placed near the end of the compressed data stream. A crafted sequence at the end of the buffer can cause the decoder to read beyond the allocated memory region and leak heap data into the rendered image output.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 3.9%
CVSS Severity
CVSS v3 Score 7.1
References
Products affected by CVE-2026-5441
-
cpe:2.3:a:orthanc-server:orthanc:0.1.0
-
cpe:2.3:a:orthanc-server:orthanc:0.1.1
-
cpe:2.3:a:orthanc-server:orthanc:0.2.0
-
cpe:2.3:a:orthanc-server:orthanc:0.2.1
-
cpe:2.3:a:orthanc-server:orthanc:0.2.2
-
cpe:2.3:a:orthanc-server:orthanc:0.2.3
-
cpe:2.3:a:orthanc-server:orthanc:0.3.0
-
cpe:2.3:a:orthanc-server:orthanc:0.3.1
-
cpe:2.3:a:orthanc-server:orthanc:0.4.0
-
cpe:2.3:a:orthanc-server:orthanc:0.5.0
-
cpe:2.3:a:orthanc-server:orthanc:0.5.1
-
cpe:2.3:a:orthanc-server:orthanc:0.6.0
-
cpe:2.3:a:orthanc-server:orthanc:0.6.1
-
cpe:2.3:a:orthanc-server:orthanc:0.6.2
-
cpe:2.3:a:orthanc-server:orthanc:0.7.0
-
cpe:2.3:a:orthanc-server:orthanc:0.7.1
-
cpe:2.3:a:orthanc-server:orthanc:0.7.2
-
cpe:2.3:a:orthanc-server:orthanc:0.7.3
-
cpe:2.3:a:orthanc-server:orthanc:0.7.4
-
cpe:2.3:a:orthanc-server:orthanc:0.7.5
-
cpe:2.3:a:orthanc-server:orthanc:0.7.6
-
cpe:2.3:a:orthanc-server:orthanc:0.8.0
-
cpe:2.3:a:orthanc-server:orthanc:0.8.1
-
cpe:2.3:a:orthanc-server:orthanc:0.8.2
-
cpe:2.3:a:orthanc-server:orthanc:0.8.3
-
cpe:2.3:a:orthanc-server:orthanc:0.8.4
-
cpe:2.3:a:orthanc-server:orthanc:0.8.5
-
cpe:2.3:a:orthanc-server:orthanc:0.8.6
-
cpe:2.3:a:orthanc-server:orthanc:0.9.0
-
cpe:2.3:a:orthanc-server:orthanc:0.9.1
-
cpe:2.3:a:orthanc-server:orthanc:0.9.2
-
cpe:2.3:a:orthanc-server:orthanc:0.9.3
-
cpe:2.3:a:orthanc-server:orthanc:0.9.4
-
cpe:2.3:a:orthanc-server:orthanc:0.9.5
-
cpe:2.3:a:orthanc-server:orthanc:0.9.6
-
cpe:2.3:a:orthanc-server:orthanc:1.0.0
-
cpe:2.3:a:orthanc-server:orthanc:1.1.0
-
cpe:2.3:a:orthanc-server:orthanc:1.10.0
-
cpe:2.3:a:orthanc-server:orthanc:1.10.1
-
cpe:2.3:a:orthanc-server:orthanc:1.11.0
-
cpe:2.3:a:orthanc-server:orthanc:1.11.1
-
cpe:2.3:a:orthanc-server:orthanc:1.11.2
-
cpe:2.3:a:orthanc-server:orthanc:1.11.3.
-
cpe:2.3:a:orthanc-server:orthanc:1.12.0
-
cpe:2.3:a:orthanc-server:orthanc:1.12.1
-
cpe:2.3:a:orthanc-server:orthanc:1.12.10
-
cpe:2.3:a:orthanc-server:orthanc:1.12.2
-
cpe:2.3:a:orthanc-server:orthanc:1.12.3
-
cpe:2.3:a:orthanc-server:orthanc:1.12.4
-
cpe:2.3:a:orthanc-server:orthanc:1.12.5
-
cpe:2.3:a:orthanc-server:orthanc:1.12.6
-
cpe:2.3:a:orthanc-server:orthanc:1.12.7
-
cpe:2.3:a:orthanc-server:orthanc:1.12.8
-
cpe:2.3:a:orthanc-server:orthanc:1.12.9
-
cpe:2.3:a:orthanc-server:orthanc:1.2.0
-
cpe:2.3:a:orthanc-server:orthanc:1.3.1
-
cpe:2.3:a:orthanc-server:orthanc:1.3.2
-
cpe:2.3:a:orthanc-server:orthanc:1.4.1
-
cpe:2.3:a:orthanc-server:orthanc:1.4.2
-
cpe:2.3:a:orthanc-server:orthanc:1.5.0
-
cpe:2.3:a:orthanc-server:orthanc:1.5.1
-
cpe:2.3:a:orthanc-server:orthanc:1.5.2
-
cpe:2.3:a:orthanc-server:orthanc:1.5.3
-
cpe:2.3:a:orthanc-server:orthanc:1.5.4
-
cpe:2.3:a:orthanc-server:orthanc:1.5.5
-
cpe:2.3:a:orthanc-server:orthanc:1.5.6
-
cpe:2.3:a:orthanc-server:orthanc:1.5.7
-
cpe:2.3:a:orthanc-server:orthanc:1.5.8
-
cpe:2.3:a:orthanc-server:orthanc:1.6.0
-
cpe:2.3:a:orthanc-server:orthanc:1.6.1
-
cpe:2.3:a:orthanc-server:orthanc:1.7.0
-
cpe:2.3:a:orthanc-server:orthanc:1.7.1
-
cpe:2.3:a:orthanc-server:orthanc:1.7.2
-
cpe:2.3:a:orthanc-server:orthanc:1.7.3
-
cpe:2.3:a:orthanc-server:orthanc:1.7.4
-
cpe:2.3:a:orthanc-server:orthanc:1.8.0
-
cpe:2.3:a:orthanc-server:orthanc:1.8.1
-
cpe:2.3:a:orthanc-server:orthanc:1.8.2
-
cpe:2.3:a:orthanc-server:orthanc:1.9.0
-
cpe:2.3:a:orthanc-server:orthanc:1.9.1
-
cpe:2.3:a:orthanc-server:orthanc:1.9.2
-
cpe:2.3:a:orthanc-server:orthanc:1.9.3
-
cpe:2.3:a:orthanc-server:orthanc:1.9.4
-
cpe:2.3:a:orthanc-server:orthanc:1.9.5
-
cpe:2.3:a:orthanc-server:orthanc:1.9.6
-
cpe:2.3:a:orthanc-server:orthanc:1.9.7