openemr Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by openemr
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Stored Cross-Site Scripting Vulnerability in OpenEMR Affected by Malicious JavaScript Injection
CVE-2025-43860OpenemrOpenemr7.6HIGHStored Cross-Site Scripting in OpenEMR by OpenEMR
CVE-2025-32794OpenemrOpenemr7.6HIGHSQL Injection Vulnerability in OpenEMR by OpenEMR Inc.
CVE-2024-22611OpenEMR Inc.OpenEMR9.8CRITICALCross-Site Scripting Vulnerability in OpenEMR Electronic Health Records Application
CVE-2025-31121OpenemrOpenemr7HIGHStored XSS Vulnerability in OpenEMR's Bronchitis Form Component
CVE-2025-30161OpenemrOpenemr8.4HIGHReflected Cross-Site Scripting Vulnerability in OpenEMR by Open Source Vendor
CVE-2025-29772OpenemrOpenemr7.2HIGHImproper Authorization in openemr/openemr
CVE-2023-2950openemropenemr/openemr8.1HIGHImproper Access Control in openemr/openemr
CVE-2023-2946openemropenemr/openemr8.1HIGHImproper Input Validation in openemr/openemr
CVE-2023-2942openemropenemr/openemr8.1HIGHCode Injection in openemr/openemr
CVE-2023-2943openemropenemr/openemr8.8HIGHCross-site Scripting (XSS) - Reflected in openemr/openemr
CVE-2022-4615OpenemrOpenemr/openemr8.3HIGHImproper Access Control in openemr/openemr
CVE-2022-4567OpenemrOpenemr/openemr8.1HIGHCross-site Scripting (XSS) - Reflected in openemr/openemr
CVE-2022-4502OpenemrOpenemr/openemr7.3HIGHImproper Input Validation in openemr/openemr
CVE-2022-4504OpenemrOpenemr/openemr7.1HIGHAuthorization Bypass Through User-Controlled Key in openemr/openemr
CVE-2022-4505OpenemrOpenemr/openemr8.8HIGHUnrestricted Upload of File with Dangerous Type in openemr/openemr
CVE-2022-4506OpenemrOpenemr/openemr7.6HIGHAuthorization Bypass Through User-Controlled Key in openemr/openemr
CVE-2022-2824OpenemrOpenemr/openemr8.8HIGHImproper Restriction of Rendered UI Layers or Frames in openemr/openemr
CVE-2022-2734OpenemrOpenemr/openemr10CRITICALMissing Authorization in openemr/openemr
CVE-2022-2732OpenemrOpenemr/openemr8.3HIGHCross-site Scripting (XSS) - Reflected in openemr/openemr
CVE-2022-2733OpenemrOpenemr/openemrEPSS 88%9.6CRITICALData Access from Outside Expected Data Manager Component in openemr/openemr
CVE-2022-2493OpenemrOpenemr/openemr8.3HIGHNon Privilege User can Enable or Disable Registered in openemr/openemr
CVE-2022-1461OpenemrOpenemr/openemr8.1HIGHNon-Privilege User Can View Patient’s Disclosures in openemr/openemr
CVE-2022-1459OpenemrOpenemr/openemr8.3HIGHStored XSS Leads To Session Hijacking in openemr/openemr
CVE-2022-1458OpenemrOpenemr/openemrEPSS 10%7.3HIGHSQL Injection Vulnerabilities in phpGACL 3.3.7 by phpGACL
CVE-2020-13567OpenemrOpenemr8.8HIGH