Arbitrary Document Modification in epa4all-client for Telematik Infrastruktur
CVE-2026-47672

6.5 MEDIUM

Key Information:

Vendor: Oviva-ag

CVE Published: 26 May 2026

What is CVE-2026-47672?

The epa4all-client, a Java client for the epa4all / ePA 3.0 system used within the Telematik Infrastruktur, is susceptible to an arbitrary document modification vulnerability. In versions 1.2.4 and earlier, any network-reachable caller can write unauthorized documents to the electronic health record of any patient associated with the institution's SMC-B card. The issue stems from misconfiguration: in deployments that follow the production Docker example provided in the project's README, the client is exploitable from the local network without any credentials.

Affected Version(s)

epa4all-client <= 1.2.4

References

CVSS V3.1

Score: 6.5
Severity: MEDIUM
Confidentiality: None
Integrity: High
Availability: None
Attack Vector: Adjacent Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability reserved