Arbitrary File Read Vulnerability in MedDream PACS by MedDream
CVE-2025-53912

9.6CRITICAL

Key Information:

Vendor: Meddream
Status: Meddream Pacs Premium
Vendor: CVE Published:; 20 January 2026

What is CVE-2025-53912?

An arbitrary file read vulnerability has been identified in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. This vulnerability allows an attacker to send specially crafted HTTP requests, which could lead to unauthorized access to sensitive files on the server. The potential implications of this vulnerability highlight the importance of robust security measures for PACS systems, ensuring that only authorized users can access critical information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

MedDream PACS Premium 7.3.6.870

References

https://talosintelligence.com/vulnerability_reports/TALOS...

CVSS V3.1

Score:

9.6

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Jan 20, 2026
Vulnerability Reserved
Aug 22, 2025

Credit

Discovered by Marcin 'Icewall' Noga of Cisco Talos.

JSON

Meddream

What is CVE-2025-53912?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.