
OpenEMR — Vulnerabilities & Security Advisories (120)

Browse all 120 CVE security advisories affecting OpenEMR. AI-powered Chinese analysis, POCs, and references for each vulnerability.

OpenEMR is an open-source electronic health record and medical practice management application designed to facilitate patient data management and clinical workflows. Historically, its codebase has exhibited significant security flaws, with over 120 Common Vulnerabilities and Exposures (CVEs) recorded. These vulnerabilities predominantly involve remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and improper access controls within the PHP-based architecture. Notable incidents include critical flaws allowing unauthenticated attackers to execute arbitrary commands or bypass authentication mechanisms, exposing sensitive patient information. The high volume of historical CVEs reflects challenges in maintaining rigorous security standards across a large, community-driven codebase. While recent updates have addressed many issues, the application’s complexity and extensive feature set continue to present attack surfaces that require diligent patching and configuration hardening to mitigate risks associated with data breaches and unauthorized system access.

Top products by OpenEMR: OpenEMR (openemr/openemr)
All entries below are for the product openemr. Scores marked (AI) are AI-estimated.

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-25928 | OpenEMR Vulnerable to Path Traversal When Zipping DICOM Folders | CWE-22 | 6.5 | Medium | 2026-03-19 |
| CVE-2026-25744 | OpenEMR: POST /api/.../vital Accepts Attacker-Supplied id and Overwrites Arbitrary Vitals | CWE-639 | 6.5 | Medium | 2026-03-19 |
| CVE-2026-25745 | OpenEMR's Message Update Ignores Patient id | CWE-639 | 6.5 | Medium | 2026-03-18 |
| CVE-2026-32127 | SQL Injection Vulnerability in ajax graphs library (OpenEMR) | CWE-89 | 8.8 | High | 2026-03-11 |
| CVE-2026-32126 | OpenEMR: Inverted ACL Condition in CDR ControllerRouter Allows Any Authenticated User to Modify/Delete Clinical Rules and Plans | CWE-862 | 7.1 | High | 2026-03-11 |
| CVE-2026-32125 | OpenEMR: Stored XSS in Track Anything Graphs via Unescaped Dygraph Titles/Labels | CWE-79 | 5.4 | Medium | 2026-03-11 |
| CVE-2026-32124 | OpenEMR: Dynamic Code Picker Renders Unescaped Descriptions (Stored XSS) | CWE-79 | 5.4 | Medium | 2026-03-11 |
| CVE-2026-32123 | OpenEMR: Therapy Group Sensitivity ACL No Longer Enforced | CWE-863 | 7.7 | High | 2026-03-11 |
| CVE-2026-32122 | OpenEMR: Missing Authorization on Claim File Tracker UI and AJAX Endpoint (V2) | CWE-862 | 4.3 | Medium | 2026-03-11 |
| CVE-2026-32121 | OpenEMR: Stored DOM XSS via `.html()` in Portal Signer Modal | CWE-79 | 7.7 | High | 2026-03-11 |
| CVE-2026-32118 | OpenEMR has Stored XSS in Graphical Pain Map legend via unescaped annotation text | CWE-79 | 5.4 | Medium | 2026-03-11 |
| CVE-2026-24898 | OpenEMR has an Unauthenticated MedEx Token Disclosure | CWE-287 | 10.0 | Critical | 2026-03-03 |
| CVE-2026-25146 | OpenEMR's payments gateway_api_key secret rendered into client JS code | CWE-200 | 9.6 | Critical | 2026-03-03 |
| CVE-2026-24848 | OpenEMR Arbitrary File Write leading to Remote Code Execution | CWE-22 | 8.8 (AI) | High (AI) | 2026-03-03 |
| CVE-2026-25147 | OpenEMR's Portal Payment Endpoint Trusts User-Controlled pid | CWE-639 | 7.1 | High | 2026-02-27 |
| CVE-2026-24488 | OpenEMR Vulnerable to Arbitrary File Exfiltration via Fax Endpoint | CWE-22 | 6.5 | Medium | 2026-02-27 |
| CVE-2026-27943 | OpenEMR's Eye Exam View Trusts form_id Without Verifying Patient/Encounter Ownership | CWE-639 | 6.5 | Medium | 2026-02-26 |
| CVE-2026-25930 | OpenEMR's Printable LBF Endpoint Leaks Arbitrary Patient Forms | CWE-639 | 6.5 | Medium | 2026-02-25 |
| CVE-2026-25929 | OpenEMR Patient Picture Context Allows Arbitrary Patient Photo Retrieval | CWE-639 | 6.5 | Medium | 2026-02-25 |
| CVE-2026-25927 | OpenEMR Missing Authorization Checks in DICOM Viewer State API | CWE-639 | 7.1 | High | 2026-02-25 |
| CVE-2026-25746 | OpenEMR has SQL Injection Vulnerability | CWE-89 | 8.8 | High | 2026-02-25 |
| CVE-2026-25743 | OpenEMR has Stored XSS in Questionnaire answers | CWE-79 | 5.4 (AI) | Medium (AI) | 2026-02-25 |
| CVE-2026-25476 | OpenEMR has Session Timeout Bypass via skip_timeout_reset | CWE-613 | 7.5 | High | 2026-02-25 |
| CVE-2026-25220 | OpenEMR Messages "Show All" Not Restricted to Admins | CWE-639 | 4.3 (AI) | Medium (AI) | 2026-02-25 |
| CVE-2026-25164 | OpenEMR's Document and Insurance REST Endpoints Skip ACL | CWE-862 | 8.1 | High | 2026-02-25 |
| CVE-2026-24908 | OpenEMR has SQL Injection in Patient API Sort Parameter | CWE-89 | 10.0 | Critical | 2026-02-25 |
| CVE-2026-24890 | OpenEMR Portal Users Can Forge Provider Signatures | CWE-285 | 8.1 | High | 2026-02-25 |
| CVE-2026-24487 | OpenEMR has FHIR Patient Compartment Bypass in CareTeam Resource | CWE-200 | 7.5 (AI) | High (AI) | 2026-02-25 |
| CVE-2026-23627 | OpenEMR has SQL Injection in Immunization Search/Report | CWE-89 | 8.8 (AI) | High (AI) | 2026-02-25 |
| CVE-2026-25135 | OpenEMR's location resource for Group.$export operation returns entire patient/user population contact information | CWE-200 | 4.5 | Medium | 2026-02-25 |

This page lists every published CVE security advisory associated with OpenEMR. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.