CVE-2026-56445
CriticalCVSS 9.1Exploitation Probability (EPSS)
Low risk35th percentile — higher than 35% of all known CVEs
Summary
The vulnerability in the qrscp application consists of the C-STORE handler using a specific instance from attacker-supplied DICOM datasets directly in os.path.join() without sanitization, allowing file writes to arbitrary paths.
Risk Assessment
An attacker can write files to any location in the filesystem, potentially overwriting critical system or application files, leading to privilege escalation or execution of malicious code.
Recommendation
Update the qrscp application to the latest version that includes a fix for the vulnerability. Until the update is applied, restrict access to the C-STORE service to trusted sources only.
Original NVD description (English source)
The qrscp application's C-STORE handler uses a specific instance from attacker-supplied DICOM datasets directly in os.path.join() without sanitization, allowing file writes to arbitrary paths.

