High severity7.3NVD Advisory· Published Apr 6, 2026· Updated Apr 27, 2026
CVE-2026-5663
CVE-2026-5663
Description
A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file dcmnet/apps/storescp.cc of the component storescp. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible. The patch is named edbb085e45788dccaf0e64d71534cfca925784b8. Applying a patch is the recommended action to fix this issue.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- github.com/DCMTK/dcmtk/commit/edbb085e45788dccaf0e64d71534cfca925784b8nvdPatch
- machinespirits.com/advisory/2e1627/nvdMitigationThird Party Advisory
- support.dcmtk.org/redmine/issues/1194nvdIssue TrackingThird Party Advisory
- vuldb.com/submit/786061nvdThird Party AdvisoryVDB Entry
- vuldb.com/vuln/355486nvdThird Party AdvisoryVDB Entry
- vuldb.com/vuln/355486/ctinvdPermissions RequiredVDB Entry
News mentions
0No linked articles in our index yet.