CVE Catalog

CVE-2026-56445

CriticalCVSS 9.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.43%

35th percentile — higher than 35% of all known CVEs

Summary

The vulnerability in the qrscp application consists of the C-STORE handler using a specific instance from attacker-supplied DICOM datasets directly in os.path.join() without sanitization, allowing file writes to arbitrary paths.

Risk Assessment

An attacker can write files to any location in the filesystem, potentially overwriting critical system or application files, leading to privilege escalation or execution of malicious code.

Recommendation

Update the qrscp application to the latest version that includes a fix for the vulnerability. Until the update is applied, restrict access to the C-STORE service to trusted sources only.

Original NVD description (English source)

The qrscp application's C-STORE handler uses a specific instance from attacker-supplied DICOM datasets directly in os.path.join() without sanitization, allowing file writes to arbitrary paths.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS