CVE-2026-5445

Name of the Vulnerable Software and Affected Versions DicomImageDecoder (affected versions not specified)

Description An out-of-bounds read issue exists in the DecodeLookupTable function within DicomImageDecoder.cpp. The lookup-table decoding logic for PALETTE COLOR images does not validate pixel indices against the lookup table size. Specifically, crafted images with indices exceeding the palette size can cause the decoder to read beyond the allocated lookup table memory, potentially exposing heap contents in the output image.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.