CVE-2026-5443
Published: 09 April 2026
Summary
CVE-2026-5443 is a critical-severity Out-of-bounds Write (CWE-787) vulnerability in Orthanc-Server Orthanc. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The vulnerability is ranked at the 19.2nd percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- Flaw remediation: requires organizations to identify, report, prioritize, and remediate this heap buffer overflow in DICOM image decoding through timely patching.
- SI-10 (Information Input Validation): mandates robust validation of DICOM image dimensions and pixel data lengths so that integer overflows cannot bypass buffer size checks.
- SI-16 (Memory Protection): implements memory protections such as ASLR and DEP to reduce the impact of heap buffer overflow exploitation that would otherwise lead to code execution or memory corruption.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The heap buffer overflow in the Orthanc DICOM server's image decoder allows unauthenticated remote attackers to supply crafted PALETTE COLOR images, leading to remote code execution, data disclosure or denial of service; this maps directly to the exploitation of public-facing applications and remote services.
NVD Description
A heap buffer overflow vulnerability exists during the decoding of `PALETTE COLOR` DICOM images. Pixel length validation uses 32-bit multiplication for width and height calculations. If these values overflow, the validation check incorrectly succeeds, allowing the decoder to read and write to memory beyond allocated buffers.
Deeper analysis
CVE-2026-5443, published on 2026-04-09, is a heap buffer overflow vulnerability (CWE-787) that occurs during the decoding of PALETTE COLOR DICOM images. The flaw stems from pixel length validation that relies on 32-bit multiplication for width and height calculations; if these values overflow, the check erroneously passes, enabling the decoder to read from and write to memory beyond the allocated buffers. This affects DICOM processing components, as referenced in advisories for Orthanc server and related software.
The vulnerability carries a CVSS 3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity with network accessibility, low complexity, and no privileges or user interaction required. Unauthenticated remote attackers can exploit it by supplying maliciously crafted PALETTE COLOR DICOM images, resulting in heap memory corruption that could lead to arbitrary code execution, sensitive data disclosure, or system crashes.
Mitigation guidance is available in vendor and advisory publications, including CERT's vulnerability note at https://kb.cert.org/vuls/id/536588, Machine Spirits at https://www.machinespirits.de/, and Orthanc server at https://www.orthanc-server.com/. Security practitioners should consult these for patching instructions, workarounds, and affected version details.
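The following is an added illustration, not Orthanc's code: a pixel-length check of the kind the advisory describes, where width, height and bytes-per-pixel are multiplied in 32 bits, beside a version that computes in 64 bits and bounds the product first. The function names, the MAX_PIXEL_BYTES limit and the header values used in main are constructed for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed example, not Orthanc's code. Upper bound on the pixel payload
 * a decoder is willing to handle; the exact limit is an assumption. */
#define MAX_PIXEL_BYTES ((uint64_t)1 << 31)

/* Flawed check in the style the advisory describes: width, height and
 * bytes-per-pixel are multiplied in 32 bits, so a large width/height pair
 * wraps modulo 2^32 and a far-too-small buffer still passes. */
bool vulnerable_pixel_length_ok(uint32_t width, uint32_t height,
                                uint32_t bytes_per_pixel, size_t pixel_data_len)
{
    uint32_t required = width * height * bytes_per_pixel; /* may wrap */
    return required <= pixel_data_len;
}

/* Hardened check: reject zero dimensions, compute the product in 64 bits,
 * bound it before the final multiplication, then compare with the buffer. */
bool hardened_pixel_length_ok(uint32_t width, uint32_t height,
                              uint32_t bytes_per_pixel, size_t pixel_data_len)
{
    if (width == 0 || height == 0 || bytes_per_pixel == 0)
        return false;
    uint64_t pixels = (uint64_t)width * height;     /* fits: 2^32 * 2^32 < 2^64 */
    if (pixels > MAX_PIXEL_BYTES / bytes_per_pixel)  /* bound before multiplying */
        return false;
    return pixels * bytes_per_pixel <= pixel_data_len;
}

/* True when the two checks disagree, i.e. the 32-bit product wrapped. */
bool length_check_wraps(uint32_t width, uint32_t height,
                        uint32_t bytes_per_pixel, size_t pixel_data_len)
{
    return vulnerable_pixel_length_ok(width, height, bytes_per_pixel, pixel_data_len)
        != hardened_pixel_length_ok(width, height, bytes_per_pixel, pixel_data_len);
}

int main(void)
{
    /* Constructed header: 65536 x 65537 one-byte indices wrap to 65536 in 32 bits. */
    printf("wrapped header accepted by flawed check:   %d\n",
           vulnerable_pixel_length_ok(65536, 65537, 1, 65536));
    printf("wrapped header accepted by hardened check: %d\n",
           hardened_pixel_length_ok(65536, 65537, 1, 65536));
    return 0;
}
```

A decoder that sizes its heap allocation from the wrapped 32-bit value would allocate 65536 bytes for a header that actually describes over four billion pixels, which is the read and write past the buffer the advisory describes.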
Details
- CWE(s): CWE-787 (Out-of-bounds Write)