← Back to home
ICSMA-26-176-01  ·  Published 2026-06-25  ·  View on CISA ICS-CERT ↗

pydicom pynetdicom Library

CVSS 9.1 CRITICAL

Risk Summary

Successful exploitation of this vulnerability could allow an unauthenticated attacker to write to arbitrary file paths.

CVEs (1)

Remediations

  • The maintainer of pynetdicom has not responded to requests to work with CISA to mitigate this vulnerability. For update information, refer to the github page https://github.com/pydicom/pynetdicom.

Affected Vendors

pydicom

Affected Products (1)

pydicom · pynetdicom >=v1.0.0|<v3.0.4

Affected Sectors

Healthcare and Public Health

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more