CVE-2025-53618

Name of the Vulnerable Software and Affected Versions Grassroot DICOM version 3.024

Description An out-of-bounds read issue exists in the JPEGBITSCodec::InternalCode functionality. A specially crafted DICOM file can cause an information leak. An attacker can trigger this by providing a malicious file. The grayscale convert function is called based on the value of the malicious DICOM file, which specifies the intended interpretation of the image pixel data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.