Machine Spirits Logo

Security Advisories

Responsible vulnerability disclosures from our security research.

As part of our security research, we identify and responsibly disclose vulnerabilities in software used in healthcare and critical infrastructure. We work closely with vendors to ensure issues are resolved before publication. Each advisory below documents a confirmed vulnerability along with its impact and recommended mitigation.

6 Critical11 High1 Medium18 total

gematik

German Healthcare Infrastructure

1 Critical1 High1 Medium

gematik Authenticator

Authentication Flow Hijack

Critical 9.3CVE-2026-338752026-03-26

gematik Authenticator

Remote Code Execution

High 7.8CVE-2026-338742026-03-26

gematik ref-idp-server

Open Redirect via Unvalidated redirect_uri

Medium 6.12026-03-26

Orthanc

PACS / DICOM Server

3 Critical6 High

Orthanc DICOM Server

Heap Buffer Overflow in DICOM Image Decoder (Palette Color Decode)

Critical 9.8CVE-2026-54432026-04-02

Orthanc DICOM Server

Heap Buffer Overflow in DICOM Image Decoder via VR UL Dimensions

Critical 9.8CVE-2026-54422026-04-02

Orthanc DICOM Server

Out-of-Bounds Read in DICOM Image Decoder (DecodeLookupTable)

Critical 9.1CVE-2026-54452026-04-02

Orthanc DICOM Server

Out-of-Bounds Read in DicomStreamReader Meta-Header Parser

High 7.5CVE-2026-54372026-04-02

Orthanc DICOM Server

Memory Exhaustion via Unbounded Content-Length

High 7.5CVE-2026-54402026-04-02

Orthanc DICOM Server

Memory Exhaustion via Forged ZIP Metadata

High 7.5CVE-2026-54392026-04-02

Orthanc DICOM Server

GZIP Decompression Bomb via Content-Encoding Header

High 7.5CVE-2026-54382026-04-02

Orthanc DICOM Server

Out-of-Bounds Read in DICOM Image Decoder (PMSCT_RLE1 Decompression)

High 7.1CVE-2026-54412026-04-02

Orthanc DICOM Server

Heap Buffer Overflow in PAM Image Buffer Allocation

High 7.1CVE-2026-54442026-04-02

OpenMRS

Electronic Medical Record Platform

1 Critical

OpenMRS Core

Stored Velocity SSTI to RCE via ConceptReferenceRange

Critical 9.1CVE-2026-412582026-05-04

Oviva

ePA Client (Elektronische Patientenakte)

3 High

Oviva epa4all-client

VAU Signature Verification Bypass

High 8.1CVE-2026-449002026-05-05

Oviva epa4all-client

TLS Certificate Validation Disabled in Production

High 8.1CVE-2026-455742026-05-11

Oviva epa4all-client

IDP Discovery Document Signature Bypass

High 7.4CVE-2026-455752026-05-11

DCMTK

OFFIS DICOM Toolkit

1 Critical

DCMTK storescp

OS Command Injection via Placeholder Substitution

Critical 9.8CVE-2026-56632026-04-06

Robert Koch Institut (RKI)

Metadata Exchange Platform

1 High

MEx Backend

Broken Access Control on DELETE Endpoint

High 8.12026-04-10