PatchSiren

Pixmeo CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM Pixmeo CVE published 2025-05-08

CVE-2025-31946

CVE-2025-31946 affects Pixmeo OsiriX MD and is described by CISA as a local use-after-free issue. According to the advisory, an attacker who can locally import a crafted DICOM file may trigger memory corruption or a system crash. The advisory was published on 2025-05-08, and the supplied corpus does not list it in the CISA Known Exploited Vulnerabilities (KEV) catalog.

HIGH Pixmeo CVE published 2025-05-08

CVE-2025-27720

CVE-2025-27720 is a high-severity issue in Pixmeo OsiriX MD where the Web Portal sends credential information without encryption. That creates a risk that credentials could be intercepted by an attacker who can observe the traffic path.

HIGH Pixmeo CVE published 2025-05-08

CVE-2025-27578

CVE-2025-27578 affects Pixmeo OsiriX MD and was published by CISA on 2025-05-08. The advisory says a crafted DICOM file can trigger a use-after-free condition, leading to memory corruption and a denial-of-service impact. The issue is scored CVSS 7.5 (HIGH) with availability impact only. Pixmeo recommends updating to the latest version of OsiriX MD.