Back to CVE List

CVE-2026-50254

HIGH SEVERITY

CVSS Score & Metrics

Base Score
7.5 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnerability Description

An unauthenticated remote attacker can repeatedly send a single crafted connection request to leak memory. Against storescp in its default single-process mode, memory grows quickly and the service is eventually killed, after which it stops accepting connections until an operator restarts it.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-401
Source
NVD
Vendor
OFFIS DICOM
Product
DCMTK Toolkit

External References

Discussion (0)

Add Comment

No comments yet. Be the first!