CVE-2026-50254 – OFFIS DCMTK Toolkit Missing Release of Memory after Effective Lifetime

CVE ID :CVE-2026-50254

Published : June 30, 2026, 9:14 p.m. | 32 minutes ago

Description :An unauthenticated remote attacker can repeatedly send a single crafted connection request to leak memory. Against storescp in its default single-process mode, memory grows quickly and the service is eventually killed, after which it stops accepting connections until an operator restarts it.

Severity: 8.7 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…