CVE-2026-10194

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

6.3 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L                                    

Vulnerability Description

A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the function DcmQueryRetrieveIndexDatabaseHandle::deleteOldestImages of the file dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched remotely. This patch is called 0f78a4ef6f645ea5530166e445e5436a5de58e75. A patch should be applied to remediate this issue.

Vulnerability Details

Published Date

May 31, 2026

Last Modified

May 31, 2026

CWE ID

CWE-119

Source

NVD

Vendor

OFFIS

Product

DCMTK

External References

https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=0f78a4ef6f645ea5530166e445e5436a5de58e75
https://vuldb.com/cve/CVE-2026-10194
https://vuldb.com/submit/821029
https://vuldb.com/vuln/367475
https://vuldb.com/vuln/367475/cti

CVE-2026-10194

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment