EUVD-2026-38191

🗓️ 21 Jun 2026 19:15:07Reported by EUVDType

Heap buffer overflow in XML file parsing in the DICOM toolkit up to version three seven; remote exploit; patch released.

Reporter	Title	Published	Views	Family All 5
ATTACKERKB	CVE-2026-12805	21 Jun 202619:15	–	attackerkb
CVE	CVE-2026-12805	21 Jun 202619:15	–	cve
Cvelist	CVE-2026-12805 OFFIS DCMTK ofxml.cc parseFile heap-based overflow	21 Jun 202619:15	–	cvelist
NVD	CVE-2026-12805	21 Jun 202620:16	–	nvd
Positive Technologies	PT-2026-51253	21 Jun 202600:00	–	ptsecurity

[
  {
    "enisaIdVendor": [
      {
        "id": "40ff515f-1928-324c-b2b2-155663b431eb",
        "vendor": {
          "name": "OFFIS"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "0f6a8d66-70c6-3e16-83fd-0a345e096372",
        "product": {
          "name": "DCMTK",
          "vendor": {
            "name": "OFFIS"
          }
        },
        "product_version": "3.5"
      },
      {
        "id": "5bd646bd-6480-3c3b-8d00-454e14a0964e",
        "product": {
          "name": "DCMTK",
          "vendor": {
            "name": "OFFIS"
          }
        },
        "product_version": "3.0"
      },
      {
        "id": "5cbfc409-cf5e-3ef3-89f4-ed95f1a8240e",
        "product": {
          "name": "DCMTK",
          "vendor": {
            "name": "OFFIS"
          }
        },
        "product_version": "3.2"
      },
      {
        "id": "83a2afab-a16b-34ed-88ff-ca9bb067cfc4",
        "product": {
          "name": "DCMTK",
          "vendor": {
            "name": "OFFIS"
          }
        },
        "product_version": "3.4"
      },
      {
        "id": "e1d9f17c-db11-371a-91fb-59b7d17447be",
        "product": {
          "name": "DCMTK",
          "vendor": {
            "name": "OFFIS"
          }
        },
        "product_version": "3.3"
      },
      {
        "id": "ee1754cc-da92-3ab5-8982-ee6c20d9c179",
        "product": {
          "name": "DCMTK",
          "vendor": {
            "name": "OFFIS"
          }
        },
        "product_version": "3.7.0"
      },
      {
        "id": "f080dbf9-e96e-33c9-b8ab-03c10c719e8a",
        "product": {
          "name": "DCMTK",
          "vendor": {
            "name": "OFFIS"
          }
        },
        "product_version": "3.6"
      },
      {
        "id": "f7fcc505-c87e-3034-bfc4-f7edf4328b95",
        "product": {
          "name": "DCMTK",
          "vendor": {
            "name": "OFFIS"
          }
        },
        "product_version": "3.1"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/vuln/372599
vuldb	www.vuldb.com/vuln/372599/cti
vuldb	www.vuldb.com/cve/CVE-2026-12805
vuldb	www.vuldb.com/submit/836273
support	www.support.dcmtk.org/redmine/issues/1208
git	www.git.dcmtk.org/
medium	www.medium.com/@faboherrera.fabo/dcmtk-vulnerability-report-201afc687790
github	www.github.com/DCMTK/dcmtk/commit/1d4b3815c0987840a983160bfc671fef63a3105b

21 Jun 2026 19:15Current

5.8Medium risk

Vulners AI Score5.8

CVSS 45.3

CVSS 3.16.3

CVSS 27.5

CVSS 36.3