CVE-2026-5663
OFFIS DCMTK up to 3.7.0 contains a vulnerability in the storescp component (dcmnet/apps/storescp.cc: executeOnReception/executeOnEndOfStudy) that allows os command injection through manipulation. Remote exploitation is possible. A patch (edbb085e45788dccaf0e64d71534cfca925784b8) is available and ...