8.8

CVSS3.1

CVE-2026-25131 - OpenEMR has Broken Access Control in Procedures Configuration

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a Broken Access Control vulnerability exists in the OpenEMR order types management system, allowing low-privilege users (such as Receptionist) to add and modify procedure…

📅 Published: Feb. 25, 2026, 1:55 a.m. 🔄 Last Modified: April 18, 2026, 5:45 p.m.

7

CVSS4.0

CVE-2026-25127 - OpenEMR has Broken Access Control on Care Coordination Module

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the server does not properly validate user permission. Unauthorized users can view the information of authorized users. Version 8.0.0 fixes the issue.

📅 Published: Feb. 25, 2026, 1:53 a.m. 🔄 Last Modified: April 17, 2026, 3:45 p.m.

6.5

CVSS3.1

CVE-2026-25124 - OpenEMR has Broken Access Control in Report/Clients/Message List CSV Export

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the OpenEMR application is vulnerable to an access control flaw that allows low-privileged users, such as receptionists, to export the entire message list containing sens…

📅 Published: Feb. 25, 2026, 1:50 a.m. 🔄 Last Modified: April 18, 2026, 11 a.m.

6.5

CVSS3.1

CVE-2026-24896 - OpenEMR has Broken Access Control that allows unauthorized access to EDI Logs

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a Broken Access Control vulnerability exists in OpenEMR’s edih_main.php endpoint, which allows any authenticated user—including low-privilege roles like Receptionist—to a…

📅 Published: Feb. 25, 2026, 1:47 a.m. 🔄 Last Modified: April 17, 2026, 3:45 p.m.

10

CVSS3.1

CVE-2026-24849 - OpenEMR Arbitrary File Read Vulnerability

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, the `disposeDocument()` method in `EtherFaxActions.php` allows authenticated users to read arbitrary files from the server filesystem. Any authenticated user (regardless …

📅 Published: Feb. 25, 2026, 1:44 a.m. 🔄 Last Modified: April 17, 2026, 3:45 p.m.

6.1

CVSS3.1

CVE-2026-24847 - OpenEMR has Open Redirect in Eye Exam Form

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Eye Exam form module allows any authenticated user to be redirected to an arbitrary external URL. This can be exploited for phishing attacks against healthcare provid…

📅 Published: Feb. 25, 2026, 1:34 a.m. 🔄 Last Modified: April 17, 2026, 3:45 p.m.

8.5

CVSS4.0

CVE-2026-2914 - Privilege Elevation via Endpoint Privilege Manager Elevation Dialogs

CyberArk Endpoint Privilege Manager Agent versions 25.10.0 and lower allow potential unauthorized privilege elevation leveraging CyberArk elevation dialogs.

📅 Published: Feb. 25, 2026, 1:33 a.m. 🔄 Last Modified: April 17, 2026, 3:45 p.m.

1.2

CVSS4.0

CVE-2026-21443 - OpenEMR allows inconsistent escaping of translation function output

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the `xl()` translation function returns unescaped strings. While wrapper functions exist for escaping in different contexts (`xlt()` for HTML, `xla()` for attributes, `xl…

📅 Published: Feb. 25, 2026, 1:23 a.m. 🔄 Last Modified: April 17, 2026, 3:45 p.m.

8.7

CVSS3.1

CVE-2025-69231 - OpenEMR has a Stored XSS in GAD-7 Form that Enables Session Hijacking and Privilege Escalation

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a stored cross-site scripting vulnerability in the GAD-7 anxiety assessment form allows authenticated users with clinician privileges to inject malicious JavaScript that …

📅 Published: Feb. 25, 2026, 1:18 a.m. 🔄 Last Modified: Feb. 27, 2026, 5:25 p.m.

7.2

CVSS4.0

CVE-2025-68277 - OpenEMR allows links sent via Secure Messaging to be opened in OpenEMR and Portal

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, when a link is sent via Secure Messaging, clicking the link opens the website within the OpenEMR/Portal site. This behavior could be exploited for phishing. Version 7.0.4…

📅 Published: Feb. 25, 2026, 1:13 a.m. 🔄 Last Modified: Feb. 27, 2026, 5:27 p.m.