VYPR
Vendor

Merge

Products
2
CVEs
3
Across products
3
Status
Private

Products

2

Recent CVEs

3
  • CVE-2018-25298MedApr 29, 2026
    risk 0.34cvss 5.3epss 0.00

    Merge PACS 7.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions by crafting malicious HTML forms targeting the merge-viewer endpoint. Attackers can submit POST requests to /servlet/actions/merge-viewer/summary with login…

  • CVE-2024-23913MedMay 3, 2024
    risk 0.26cvss 4.0epss 0.00

    Use of Out-of-range Pointer Offset vulnerability in Merge DICOM Toolkit C/C++ on Windows. When deprecated MC_XML_To_Message() function is used to read a malformed DICOM XML file, it might result in memory access violation.

  • CVE-2024-23912MedMay 3, 2024
    risk 0.26cvss 4.0epss 0.00

    Out-of-bounds Read vulnerability in Merge DICOM Toolkit C/C++ on Windows. When MC_Open_File() function is used to read a malformed DICOM data, it might result in over-reading memory buffer and could cause memory access violation.