VYPR
Unrated severityNVD Advisory· Published Mar 25, 2026· Updated Mar 26, 2026

OpenEMR has a SQL Injection Vulnerability in patient selection

CVE-2026-33910

Description

OpenEMR is a free and open source electronic health records and medical practice management application. Versions up to and including 8.0.0.2 contain a SQL injection vulnerability in the patient selection feature that can be exploited by authenticated attackers. The vulnerability exists due to insufficient input validation in the patient selection feature. Version 8.0.0.3 contains a patch.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Openemr/Openemrllm-fuzzy2 versions
    <=8.0.0.2+ 1 more
    • (no CPE)range: <=8.0.0.2
    • (no CPE)range: < 8.0.0.3

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.