Openemr Vulnerabilities

Broken Access Control in OpenEMR Affects Sensitive Health Records

CVE-2026-34056

OpenemrOpenemr7.7HIGH

Improper Access Control in OpenEMR Affects Patient Data Management

CVE-2026-34055

OpenemrOpenemr8.1HIGH

Authorization Bypass in OpenEMR Allows Deletion of Patient Records

CVE-2026-34053

OpenemrOpenemr7.1HIGH

Improper Access Control Vulnerability in OpenEMR by OpenEMR Inc.

CVE-2026-34051

OpenemrOpenemr5.4MEDIUM

Authorization Bypass in OpenEMR Affects Patient Portal Users

CVE-2026-33934

OpenemrOpenemr4.3MEDIUM

Reflected XSS Vulnerability in OpenEMR Electronic Health Records Software

CVE-2026-33933

OpenemrOpenemr6.1MEDIUM

Cross-Site Scripting Vulnerability in OpenEMR Electronic Health Records Application

CVE-2026-33932

OpenemrOpenemr7.6HIGH

Insecure Direct Object Reference in OpenEMR Patient Portal Payment Process

CVE-2026-33931

OpenemrOpenemr6.5MEDIUM

Access Control Vulnerability in OpenEMR by OpenEMR

CVE-2026-33918

OpenemrOpenemr7.6HIGH

SQL Injection Vulnerability in OpenEMR Affects Multiple Versions

CVE-2026-33917

OpenemrOpenemr8.8HIGH

Authentication Bypass Vulnerability in OpenEMR by OpenEMR

CVE-2026-33915

OpenemrOpenemr5.4MEDIUM

Blind SQL Injection in OpenEMR's PostCalendar Module

CVE-2026-33914

OpenemrOpenemr7.2HIGH

File Inclusion Vulnerability in OpenEMR by OpenEMR

CVE-2026-33913

OpenemrOpenemr7.7HIGH

Cross-site scripting vulnerability in OpenEMR prior to version 8.0.0.3

CVE-2026-33912

OpenemrOpenemr5.4MEDIUM

Cross-site Scripting Vulnerability in OpenEMR by OpenEMR

CVE-2026-33911

OpenemrOpenemr5.4MEDIUM

SQL Injection Vulnerability in OpenEMR Healthcare Management Software

CVE-2026-33910

OpenemrOpenemr7.2HIGH

SQL Injection Vulnerability in OpenEMR by OpenEMR

CVE-2026-33909

OpenemrOpenemr5.9MEDIUM

Stored XSS Vulnerability in OpenEMR Affects Patient Encounter Forms

CVE-2026-33348

OpenemrOpenemr8.7HIGH

Insecure Direct Object Reference in OpenEMR's Fee Sheet Management

CVE-2026-32120

OpenemrOpenemr6.5MEDIUM

Blind SQL Injection in OpenEMR's Patient Search Functionality

CVE-2026-29187

OpenemrOpenemr8.1HIGH

Stored Cross-Site Scripting Vulnerability in OpenEMR Patient Portal by OpenEMR

CVE-2026-33346

OpenemrOpenemr8.7HIGH

Authorization Bypass in OpenEMR's FaxSMS Module Affects User Data Security

CVE-2026-33305

OpenemrOpenemr5.4MEDIUM

Authorization Bypass in OpenEMR Affects Medical Practice Management

CVE-2026-33304

OpenemrOpenemr6.5MEDIUM

Stored XSS Vulnerability in OpenEMR Affects Patient Portal Logins

CVE-2026-33303

OpenemrOpenemr5.4MEDIUM

Access Control Flaw in OpenEMR's ACL Function

CVE-2026-33302

OpenemrOpenemr7.3HIGH

openemr Openemr Vulnerabilities

Vulnerability Published:

Sort By:

25 March 2026

Broken Access Control in OpenEMR Affects Sensitive Health Records

Improper Access Control in OpenEMR Affects Patient Data Management

Authorization Bypass in OpenEMR Allows Deletion of Patient Records

Improper Access Control Vulnerability in OpenEMR by OpenEMR Inc.

Authorization Bypass in OpenEMR Affects Patient Portal Users

Reflected XSS Vulnerability in OpenEMR Electronic Health Records Software

Cross-Site Scripting Vulnerability in OpenEMR Electronic Health Records Application

Insecure Direct Object Reference in OpenEMR Patient Portal Payment Process

Access Control Vulnerability in OpenEMR by OpenEMR

SQL Injection Vulnerability in OpenEMR Affects Multiple Versions

Authentication Bypass Vulnerability in OpenEMR by OpenEMR

Blind SQL Injection in OpenEMR's PostCalendar Module

File Inclusion Vulnerability in OpenEMR by OpenEMR

Cross-site scripting vulnerability in OpenEMR prior to version 8.0.0.3

Cross-site Scripting Vulnerability in OpenEMR by OpenEMR

SQL Injection Vulnerability in OpenEMR Healthcare Management Software

SQL Injection Vulnerability in OpenEMR by OpenEMR

Stored XSS Vulnerability in OpenEMR Affects Patient Encounter Forms

Insecure Direct Object Reference in OpenEMR's Fee Sheet Management

Blind SQL Injection in OpenEMR's Patient Search Functionality

19 March 2026

Stored Cross-Site Scripting Vulnerability in OpenEMR Patient Portal by OpenEMR

Authorization Bypass in OpenEMR's FaxSMS Module Affects User Data Security

Authorization Bypass in OpenEMR Affects Medical Practice Management

Stored XSS Vulnerability in OpenEMR Affects Patient Portal Logins

Access Control Flaw in OpenEMR's ACL Function