CVE-2026-5441

Name of the Vulnerable Software and Affected Versions DicomImageDecoder (affected versions not specified)

Description An out-of-bounds read issue exists in the DecodePsmctRle1 function within DicomImageDecoder.cpp. The PMSCT RLE1 decompression routine, used for decoding the Philips Compression format, does not validate escape markers correctly when they are near the end of the compressed data. A specifically crafted sequence at the end of the data can cause the decoder to read beyond the allocated memory, potentially leaking heap data into the image output.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.