{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5663", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-06T07:55:05.388Z", "datePublished": "2026-04-06T14:15:11.214Z", "dateUpdated": "2026-04-07T14:06:11.702Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-06T14:15:11.214Z"}, "title": "OFFIS DCMTK storescp storescp.cc executeOnEndOfStudy os command injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-78", "lang": "en", "description": "OS Command Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-77", "lang": "en", "description": "Command Injection"}]}], "affected": [{"vendor": "OFFIS", "product": "DCMTK", "versions": [{"version": "3.0", "status": "affected"}, {"version": "3.1", "status": "affected"}, {"version": "3.2", "status": "affected"}, {"version": "3.3", "status": "affected"}, {"version": "3.4", "status": "affected"}, {"version": "3.5", "status": "affected"}, {"version": "3.6", "status": "affected"}, {"version": "3.7.0", "status": "affected"}], "cpes": ["cpe:2.3:a:offis:dcmtk:*:*:*:*:*:*:*:*"], "modules": ["storescp"]}], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file dcmnet/apps/storescp.cc of the component storescp. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible. The patch is named edbb085e45788dccaf0e64d71534cfca925784b8. Applying a patch is the recommended action to fix this issue."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:ND/RL:OF/RC:C"}}], "timeline": [{"time": "2026-04-06T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-06T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-06T10:02:25.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Simon Weber (Machine Spirits)", "type": "finder"}, {"lang": "en", "value": "Volker Sch\u00f6nefeld (Machine Spirits)", "type": "finder"}, {"lang": "en", "value": "simon4machinespirits (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/vuln/355486", "name": "VDB-355486 | OFFIS DCMTK storescp storescp.cc executeOnEndOfStudy os command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/355486/cti", "name": "VDB-355486 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/786061", "name": "Submit #786061 | OFFIS DCMTK up to 3.7.0 OS Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://machinespirits.com/advisory/2e1627/", "tags": ["related"]}, {"url": "https://support.dcmtk.org/redmine/issues/1194", "tags": ["issue-tracking"]}, {"url": "https://github.com/DCMTK/dcmtk/commit/edbb085e45788dccaf0e64d71534cfca925784b8", "tags": ["patch"]}], "tags": ["x_open-source"]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-07T14:05:40.592545Z", "id": "CVE-2026-5663", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-07T14:06:11.702Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"tags": ["x_open-source"], "title": "OFFIS DCMTK storescp storescp.cc executeOnEndOfStudy os command injection", "credits": [{"lang": "en", "type": "finder", "value": "Simon Weber (Machine Spirits)"}, {"lang": "en", "type": "finder", "value": "Volker Sch\u00f6nefeld (Machine Spirits)"}, {"lang": "en", "type": "reporter", "value": "simon4machinespirits (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:ND/RL:OF/RC:C"}}], "affected": [{"cpes": ["cpe:2.3:a:offis:dcmtk:*:*:*:*:*:*:*:*"], "vendor": "OFFIS", "modules": ["storescp"], "product": "DCMTK", "versions": [{"status": "affected", "version": "3.0"}, {"status": "affected", "version": "3.1"}, {"status": "affected", "version": "3.2"}, {"status": "affected", "version": "3.3"}, {"status": "affected", "version": "3.4"}, {"status": "affected", "version": "3.5"}, {"status": "affected", "version": "3.6"}, {"status": "affected", "version": "3.7.0"}]}], "timeline": [{"lang": "en", "time": "2026-04-06T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-04-06T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-04-06T10:02:25.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/355486", "name": "VDB-355486 | OFFIS DCMTK storescp storescp.cc executeOnEndOfStudy os command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/355486/cti", "name": "VDB-355486 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/786061", "name": "Submit #786061 | OFFIS DCMTK up to 3.7.0 OS Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://machinespirits.com/advisory/2e1627/", "tags": ["related"]}, {"url": "https://support.dcmtk.org/redmine/issues/1194", "tags": ["issue-tracking"]}, {"url": "https://github.com/DCMTK/dcmtk/commit/edbb085e45788dccaf0e64d71534cfca925784b8", "tags": ["patch"]}], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file dcmnet/apps/storescp.cc of the component storescp. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible. The patch is named edbb085e45788dccaf0e64d71534cfca925784b8. Applying a patch is the recommended action to fix this issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "OS Command Injection"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "Command Injection"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-06T14:15:11.214Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-5663", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-07T14:05:40.592545Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-04-07T14:06:03.815Z"}}]}, "cveMetadata": {"cveId": "CVE-2026-5663", "state": "PUBLISHED", "dateUpdated": "2026-04-06T14:15:11.214Z", "dateReserved": "2026-04-06T07:55:05.388Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-04-06T14:15:11.214Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file dcmnet/apps/storescp.cc of the component storescp. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible. The patch is named edbb085e45788dccaf0e64d71534cfca925784b8. Applying a patch is the recommended action to fix this issue."}], "id": "CVE-2026-5663", "lastModified": "2026-04-07T13:20:35.010", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-06T15:17:16.253", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/DCMTK/dcmtk/commit/edbb085e45788dccaf0e64d71534cfca925784b8"}, {"source": "cna@vuldb.com", "url": "https://machinespirits.com/advisory/2e1627/"}, {"source": "cna@vuldb.com", "url": "https://support.dcmtk.org/redmine/issues/1194"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/786061"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/355486"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/355486/cti"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}, {"lang": "en", "value": "CWE-78"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.3"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.4"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.5"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.6"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.7.0"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "DCMTK", "source": "cna", "vendor": "OFFIS"}, "product": "dcmtk", "vendor": "offis"}], "analysis": {"en": {"generated_at": "2026-04-06T17:42:25.118594+00:00", "value": {"mitigation_remediation": ["Apply the vendor patch corresponding to commit edbb085e45788dccaf0e64d71534cfca925784b8", "Verify that the patch has been applied and the compromised functions are no longer exposed", "Monitor the DCMTK environment for any signs of exploitation and check for additional vendor updates"], "summary": {"action": "Patch Now", "impact": "Remote OS Command Execution"}, "threat_synthesis": {"affected_systems": "Users operating OFFIS DCMTK 3.7.0 or earlier, specifically the storescp component of the DCMTK package, are susceptible to this flaw.", "description_and_impact": "The vulnerability resides in OFFIS DCMTK\u2019s storescp application, within the executeOnReception/executeOnEndOfStudy functions in storescp.cc. An attacker can manipulate input to trigger OS command injection, allowing execution of arbitrary commands on the host, which constitutes remote code execution and can compromise confidentiality, integrity, and availability of the affected system.", "risk_and_exploitability": "The CVSS score of 6.9 indicates moderate severity; EPSS data is not available and the vulnerability is not currently listed in CISA KEV. Exploitation requires remote access to the DCMTK storescp service and the ability to manipulate input that triggers executeOnReception or executeOnEndOfStudy, making the attack vector remote. Without remediation, an attacker could execute commands with the privileges of the running service, potentially gaining full system control."}}}}, "created": "2026-04-06T20:14:30.577744+00:00", "updated": "2026-04-06T21:32:45.413692+00:00", "vendors": ["offis", "offis$PRODUCT$dcmtk"]}