OHIF Viewer
OIDC Credential Theft via Externally Controlled URL
A configuration shipped in the official OHIF Viewer distribution allows a crafted link to cause an authenticated user's session credentials to be sent to an attacker-controlled server. A single click by a logged-in clinician is sufficient; the attacker needs no credentials of their own. The OHIF maintainers have released a fix in v3.12.2: the affected data sources now validate the URL they fetch against an operator-configured origin allowlist before a request inherits the user's token. Deployments on v3.12.0 or earlier should upgrade to v3.12.2 or later. The issue is tracked as CVE-2026-12473 and published by CISA as advisory ICSMA-26-176-02.
This advisory contains limited information during coordinated disclosure. Please check back later for full details.
Description
We reported this privately to the OHIF maintainers in February 2026. They responded constructively, developed and released a fix, and engaged with us to validate the remediation. We appreciate their responsiveness and the project's work on open medical imaging.
The fix is published in OHIF Viewer v3.12.2. The data sources that load a study from an external URL now apply an origin policy before issuing a request that carries the user's token, so in authenticated deployments only operator-allowlisted origins are fetched and a crafted link can no longer redirect a token-bearing request to an attacker's server. Operators should upgrade to v3.12.2 or later. The issue is now tracked as CVE-2026-12473 and published by CISA as advisory ICSMA-26-176-02.
Impact
- An attacker who delivers a crafted link to an authenticated OHIF user can cause that user's OIDC bearer token to be transmitted to an attacker-controlled server. The captured token can be replayed against the imaging backend to access the patient studies (PHI) the user is authorised to view. Exploitation requires only a single click by an already-authenticated user and no credentials on the attacker's side.
Mitigation
Upgrade to OHIF Viewer v3.12.2 or later, which validates the fetched URL against an operator-configured origin allowlist before a request carries the user's token. Operators who need the affected data sources in authenticated deployments must additionally configure that allowlist; deployments that do not use them should remove the unused data sources from their configuration. Deployments on v3.12.0 or earlier remain affected until upgraded.
References
How We Can Help
Who We Are
The security researchers behind this advisory.

Dr. rer. nat. Simon Weber
Senior Pentester & MedSec Researcher
I evaluate your SaMD with the same industry-defining security insight I contributed to the BAK MV for the revision of the B3S standard.
- PhD on Hospital Cybersecurity
- Critical vulnerabilities found in hospital systems
- Alumni of THB MedSec Research Group
- gematik Security Hero

Dipl.-Inf. Volker Schönefeld
Senior Application Security Expert
As a former CTO and developer turned pentester, I work alongside your team to uncover vulnerabilities and find solutions that fit your architecture.
- 20+ years as CTO, 50M+ app downloads
- Architected and secured large-scale IoT fleets
- Certified Web Exploitation Specialist
- gematik Security Hero
Looking for a Penetration Test?
Machine Spirits specializes in security assessments for medical devices and healthcare IT. From MDR penetration testing to C5 cloud compliance, we help MedTech companies meet regulatory requirements.
