CVE-2026-12805
published 2026-06-21CVE-2026-12805: A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a…
PriorityP340medium6.3CVSS 3.1
AVNACLPRNUIRSUCLILAL
EPSS
0.28%
19.6th percentile
A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used. This patch is called 1d4b3815c0987840a983160bfc671fef63a3105b. It is best practice to apply a patch to resolve this issue. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| offis | dcmtk | — | — |
| offis | dcmtk | — | — |
| offis | dcmtk | — | — |
| offis | dcmtk | — | — |
| offis | dcmtk | — | — |
| offis | dcmtk | — | — |
| offis | dcmtk | — | — |
| offis | dcmtk | — | — |
CVSS provenance
nvdv3.16.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
nvdv4.02.1LOWCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat6.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
OFFIS DCMTK up to 3.7.0 ofstd/libsrc/ofxml.cc XMLNode::parseFile heap-based overflow (Issue 1208 / EUVD-2026-38191)
vuldb·2026-06-21·CVSS 6.3
CVE-2026-12805 [MEDIUM] OFFIS DCMTK up to 3.7.0 ofstd/libsrc/ofxml.cc XMLNode::parseFile heap-based overflow (Issue 1208 / EUVD-2026-38191)
A vulnerability, which was classified as critical, was found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow.
This vulnerability appears as CVE-2026-12805. The attack may be performed from remote. In addition, an exploit is available.
It is best practice to apply a patch to resolve this issue.
The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
GHSA
A flaw has been found in OFFIS DCMTK up to 3.7.0.
ghsa_unreviewed·2026-06-21
CVE-2026-12805 [LOW] CWE-119 A flaw has been found in OFFIS DCMTK up to 3.7.0.
A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used. This patch is called 1d4b3815c0987840a983160bfc671fef63a3105b. It is best practice to apply a patch to resolve this issue. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
Red Hat
dcmtk: OFFIS DCMTK: Heap-based buffer overflow in XML parsing
vendor_redhat·2026-06-21·CVSS 6.3
CVE-2026-12805 [MEDIUM] CWE-131 dcmtk: OFFIS DCMTK: Heap-based buffer overflow in XML parsing
dcmtk: OFFIS DCMTK: Heap-based buffer overflow in XML parsing
A flaw was found in OFFIS DCMTK. A remote attacker could exploit this vulnerability by manipulating input to the XMLNode::parseFile function. This can lead to a heap-based buffer overflow, a type of memory corruption, which may result in information disclosure or denial of service.
Statement: This Moderate impact vulnerability in OFFIS DCMTK allows a remote attacker to trigger a heap-based buffer overflow by providing specially crafted XML input to the `XMLNode::parseFile` function. Successful exploitation could lead to information disclosure or denial of service. The public availability of exploit details increases the risk.
Mitigation: Users should avoid processing untrusted or unverified XML files with applications that re
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2026-12805 dcmtk: OFFIS DCMTK: Heap-based buffer overflow in XML parsing [fedora-all]
bugzilla·2026-06-22·CVSS 6.3
CVE-2026-12805 [MEDIUM] CVE-2026-12805 dcmtk: OFFIS DCMTK: Heap-based buffer overflow in XML parsing [fedora-all]
CVE-2026-12805 dcmtk: OFFIS DCMTK: Heap-based buffer overflow in XML parsing [fedora-all]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
Bugzilla
CVE-2026-12805 dcmtk: OFFIS DCMTK: Heap-based buffer overflow in XML parsing [epel-all]
bugzilla·2026-06-22·CVSS 6.3
CVE-2026-12805 [MEDIUM] CVE-2026-12805 dcmtk: OFFIS DCMTK: Heap-based buffer overflow in XML parsing [epel-all]
CVE-2026-12805 dcmtk: OFFIS DCMTK: Heap-based buffer overflow in XML parsing [epel-all]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
Bugzilla
CVE-2026-12805 dcmtk: OFFIS DCMTK: Heap-based buffer overflow in XML parsing
bugzilla·2026-06-21·CVSS 6.3
CVE-2026-12805 [MEDIUM] CVE-2026-12805 dcmtk: OFFIS DCMTK: Heap-based buffer overflow in XML parsing
CVE-2026-12805 dcmtk: OFFIS DCMTK: Heap-based buffer overflow in XML parsing
A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used. This patch is called 1d4b3815c0987840a983160bfc671fef63a3105b. It is best practice to apply a patch to resolve this issue. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=1d4b3815c0987840a983160bfc671fef63a3105bhttps://github.com/DCMTK/dcmtk/commit/1d4b3815c0987840a983160bfc671fef63a3105bhttps://medium.com/@faboherrera.fabo/dcmtk-vulnerability-report-201afc687790https://support.dcmtk.org/redmine/issues/1208https://vuldb.com/cve/CVE-2026-12805https://vuldb.com/submit/836273https://vuldb.com/vuln/372599https://vuldb.com/vuln/372599/cti
2026-06-21
Published