A vulnerability, which was classified as critical , was found in OFFIS DCMTK up to 3.7.0 . The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc . Executing a manipulation can lead to heap-based buffer overflow. This vulnerability appears as CVE-2026-12805 . The attack may be performed from remote. In addition, an exploit is available. It is best practice to apply a patch to resolve this issue. The vendor was contacted early, responded in a very professiona