Lucene search
+L

5 matches found

nvd
nvd
added 2026/06/25 9:16 p.m.10 views

CVE-2026-56445

The qrscp application's C-STORE handler uses a specific instance from attacker-supplied DICOM datasets directly in os.path.join without sanitization, allowing file writes to arbitrary paths...

9.1CVSS0.00434EPSS
Exploits0References3
euvd
euvd
added 2026/06/25 8:46 p.m.8 views

EUVD-2026-39562

The qrscp application's C-STORE handler uses a specific instance from attacker-supplied DICOM datasets directly in os.path.join without sanitization, allowing file writes to arbitrary paths...

9.1CVSS6AI score0.00434EPSS
Exploits0References3
cvelist
cvelist
added 2026/06/25 8:46 p.m.26 views

CVE-2026-56445 pydicom pynetdicom Library Path Traversal

The qrscp application's C-STORE handler uses a specific instance from attacker-supplied DICOM datasets directly in os.path.join without sanitization, allowing file writes to arbitrary paths...

9.1CVSS0.00434EPSS
Exploits0References3
cve
cve
added 2026/06/25 8:46 p.m.15 views

CVE-2026-56445

The CVE-2026-56445 issue affects the qrscp application’s C-STORE handler. It directly uses an attacker-supplied DICOM dataset instance in os.path.join() without sanitization, enabling writes to arbitrary file paths on the system. This is a path traversal vulnerability in the file-write path, with...

9.1CVSS6AI score0.00434EPSS
Exploits0References3
ics
ics
added 2026/06/25 6:0 a.m.15 views

pydicom pynetdicom Library

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an unauthenticated attacker to write to arbitrary file paths. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure...

9.1CVSS6AI score0.00434EPSS
Exploits0References11
Rows per page
Query Builder