CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

pydicom pynetdicom Library

criticalCVE-2026-56445
View CSAF Summary Successful exploitation of this vulnerability could allow an unauthenticated attacker to write to arbitrary file paths. The following versions of pydicom pynetdicom Library are affected: pynetdicom >=v1.0.0|<v3.0.4 CVSS Vendor Equipment Vulnerabilities v3 9.1 pydicom pydicom pynetdicom Library Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Background Critical Infrastructure Sectors: Healthcare and Public Health Countries/Areas Deployed: Worldwide Company Headquarters Location: United States Vulnerabilities Expand All + CVE-2026-56445 The qrscp application's C-STORE handler uses a specific instance from attacker-supplied DICOM datasets directly in os.path.join() without sanitization, allowing file writes to arbitrary paths. View CVE Details Affected Products pydicom pynetdicom Library Vendor: pydicom Product Version: pydicom pynetdicom: >=v1.0.0|<v3.0.4 Product Status: known_affected Remediations Vendor fix The maintainer of pynetdicom has not responded to requests to work with CISA to mitigate this vulnerability. For update information, refer to the github page https://github.com/pydicom/pynetdicom. https://github.com/pydicom/pynetdicom Relevant CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Metrics CVSS Version Base Score Base Severity Vector String 3.1 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H 4.0 8.8 HIGH CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N Acknowledgments Simon Weber and Volker Schönefeld of Machine Spirits UG reported this vulnerability to CISA Legal Notice and Terms of Use This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy). Recommended Practices CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all control system devices and/or systems

CSIRTS triage

What
A vulnerability could allow an unauthenticated attacker to write to arbitrary file paths.
Who is affected
Users of pydicom pynetdicom Library versions in the specified range.
Urgency
Critical urgency due to the potential for arbitrary file writes.
Action
Upgrade to pynetdicom version 3.0.4 or later.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch pynetdicom Library

Get an email when a new pynetdicom Library advisory drops — max one per day, one-click unsubscribe.

Details

Source
CISA Cybersecurity Advisories (US · national-cert · site)
Severity
critical
Published
2026-06-25
Exploitation
Not in CISA KEV at last sync

Original advisory: https://www.cisa.gov/news-events/ics-medical-advisories/icsma-26-176-01

Exploitation outlook

EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.

Referenced CVEs

CVECSIRTS overviewExternal
CVE-2026-56445coverage & exploitation statusNVD · CVE.org

Same CVEs, other sources

How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.

More from CISA Cybersecurity Advisories