{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-12805", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-06-21T04:12:52.334Z", "datePublished": "2026-06-21T19:15:07.079Z", "dateUpdated": "2026-06-23T13:36:58.438Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-06-23T07:07:59.362Z"}, "title": "OFFIS DCMTK ofxml.cc parseFile heap-based overflow", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-122", "lang": "en", "description": "Heap-based Buffer Overflow"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-119", "lang": "en", "description": "Memory Corruption"}]}], "affected": [{"vendor": "OFFIS", "product": "DCMTK", "versions": [{"version": "3.0", "status": "affected"}, {"version": "3.1", "status": "affected"}, {"version": "3.2", "status": "affected"}, {"version": "3.3", "status": "affected"}, {"version": "3.4", "status": "affected"}, {"version": "3.5", "status": "affected"}, {"version": "3.6", "status": "affected"}, {"version": "3.7.0", "status": "affected"}], "cpes": ["cpe:2.3:a:offis:dcmtk:*:*:*:*:*:*:*:*"]}], "descriptions": [{"lang": "en", "value": "A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used. This patch is called 1d4b3815c0987840a983160bfc671fef63a3105b. It is best practice to apply a patch to resolve this issue. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C"}}], "timeline": [{"time": "2026-06-21T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-06-21T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-06-23T09:09:03.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Fabricio Herrera", "type": "finder"}, {"lang": "en", "value": "Sebastian Mu\u00f1oz", "type": "finder"}, {"lang": "en", "value": "FaboHerrrera (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "FaboHerrrera (VulDB User)", "type": "analyst"}, {"lang": "en", "value": "VulDB CNA Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/372599", "name": "VDB-372599 | OFFIS DCMTK ofxml.cc parseFile heap-based overflow", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/372599/cti", "name": "VDB-372599 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/cve/CVE-2026-12805", "name": "CVE-2026-12805 | CVE Analysis and Report", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/submit/836273", "name": "Submit #836273 | DCMTK 3.7.0 and below Heap-based Buffer Overflow", "tags": ["third-party-advisory"]}, {"url": "https://support.dcmtk.org/redmine/issues/1208", "tags": ["issue-tracking"]}, {"url": "https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=1d4b3815c0987840a983160bfc671fef63a3105b", "tags": ["patch"]}, {"url": "https://medium.com/@faboherrera.fabo/dcmtk-vulnerability-report-201afc687790", "tags": ["broken-link", "exploit"]}, {"url": "https://github.com/DCMTK/dcmtk/commit/1d4b3815c0987840a983160bfc671fef63a3105b", "tags": ["patch"]}], "tags": ["x_open-source"]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-06-23T13:36:35.242243Z", "id": "CVE-2026-12805", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-23T13:36:58.438Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"tags": ["x_open-source"], "title": "OFFIS DCMTK ofxml.cc parseFile heap-based overflow", "credits": [{"lang": "en", "type": "reporter", "value": "FaboHerrrera (VulDB User)"}, {"lang": "en", "type": "coordinator", "value": "VulDB CNA Team"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C"}}], "affected": [{"cpes": ["cpe:2.3:a:offis:dcmtk:*:*:*:*:*:*:*:*"], "vendor": "OFFIS", "product": "DCMTK", "versions": [{"status": "affected", "version": "3.0"}, {"status": "affected", "version": "3.1"}, {"status": "affected", "version": "3.2"}, {"status": "affected", "version": "3.3"}, {"status": "affected", "version": "3.4"}, {"status": "affected", "version": "3.5"}, {"status": "affected", "version": "3.6"}, {"status": "affected", "version": "3.7.0"}]}], "timeline": [{"lang": "en", "time": "2026-06-21T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-06-21T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-06-21T06:17:56.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/372599", "name": "VDB-372599 | OFFIS DCMTK ofxml.cc parseFile heap-based overflow", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/372599/cti", "name": "VDB-372599 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/cve/CVE-2026-12805", "name": "CVE-2026-12805 | CVE Analysis and Report", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/submit/836273", "name": "Submit #836273 | DCMTK 3.7.0 and below Heap-based Buffer Overflow", "tags": ["third-party-advisory"]}, {"url": "https://support.dcmtk.org/redmine/issues/1208", "tags": ["issue-tracking"]}, {"url": "https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=1d4b3815c0987840a983160bfc671fef63a3105b", "tags": ["patch"]}, {"url": "https://medium.com/@faboherrera.fabo/dcmtk-vulnerability-report-201afc687790", "tags": ["broken-link", "exploit"]}, {"url": "https://github.com/DCMTK/dcmtk/commit/1d4b3815c0987840a983160bfc671fef63a3105b", "tags": ["patch"]}], "descriptions": [{"lang": "en", "value": "A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used. This patch is called 1d4b3815c0987840a983160bfc671fef63a3105b. It is best practice to apply a patch to resolve this issue. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-122", "description": "Heap-based Buffer Overflow"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "Memory Corruption"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-06-21T19:15:07.079Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-12805", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-06-23T13:36:35.242243Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-06-23T13:36:41.669Z"}}]}, "cveMetadata": {"cveId": "CVE-2026-12805", "state": "PUBLISHED", "dateUpdated": "2026-06-21T19:15:07.079Z", "dateReserved": "2026-06-21T04:12:52.334Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-06-21T19:15:07.079Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{}

{"bugzilla": {"description": "dcmtk: OFFIS DCMTK: Heap-based buffer overflow in XML parsing", "id": "2491215", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2491215"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "status": "draft"}, "cwe": "CWE-131", "details": ["A flaw was found in OFFIS DCMTK. A remote attacker could exploit this vulnerability by manipulating input to the XMLNode::parseFile function. This can lead to a heap-based buffer overflow, a type of memory corruption, which may result in information disclosure or denial of service."], "mitigation": {"lang": "en:us", "value": "Users should avoid processing untrusted or unverified XML files with applications that rely on the OFFIS DCMTK library. Implementing strict input validation and restricting the sources of XML data can reduce the exposure to this vulnerability."}, "name": "CVE-2026-12805", "public_date": "2026-06-21T19:15:07Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-12805\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-12805\nhttps://git.dcmtk.org/?p=dcmtk.git;a=commit;h=1d4b3815c0987840a983160bfc671fef63a3105b\nhttps://github.com/DCMTK/dcmtk/commit/1d4b3815c0987840a983160bfc671fef63a3105b\nhttps://medium.com/@faboherrera.fabo/dcmtk-vulnerability-report-201afc687790\nhttps://support.dcmtk.org/redmine/issues/1208\nhttps://vuldb.com/cve/CVE-2026-12805\nhttps://vuldb.com/submit/836273\nhttps://vuldb.com/vuln/372599\nhttps://vuldb.com/vuln/372599/cti"], "statement": "This Moderate impact vulnerability in OFFIS DCMTK allows a remote attacker to trigger a heap-based buffer overflow by providing specially crafted XML input to the `XMLNode::parseFile` function. Successful exploitation could lead to information disclosure or denial of service. The public availability of exploit details increases the risk.", "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.3"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.4"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.5"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.6"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "3.7.0"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "DCMTK", "source": "cna", "vendor": "OFFIS"}, "product": "dcmtk", "vendor": "offis"}], "created": "2026-06-21T21:00:08.435460+00:00", "updated": "2026-06-22T13:30:16.809873+00:00", "vendors": ["offis", "offis$PRODUCT$dcmtk"]}