A heap buffer overflow vulnerability exists in the DICOM image decoder. Dimension fields are encoded using Value Representation (VR) Unsigned Long (UL), instead of the expected VR Unsigned Short (US), which allows extremely large dimensions to be processed. This causes an integer overflow during frame size calculation and results in out-of-bounds memory access during image decoding.
Updated Apr 09, 2026
CVE Details
CVE ID: CVE-2026-5442
Published Date: Apr 09, 2026
Vendor: Not specified
Severity: NONE
Exploit Prediction (EPSS)
Probability of Exploit: 0.06% (likelihood of exploitation in next 30 days)
Percentile: 19.2th percentile (higher than 19.2% of all CVEs)
Standard patching cycle
Impact: Minimal impact