Unrated severityNVD Advisory· Published Mar 25, 2026· Updated Mar 28, 2026
OpenEMR has Improper ACL On Import/Export Popup
CVE-2026-34051
Description
OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.3 have an improper access control on the Import/Export functionality, allowing unauthorized users to perform import and export actions through direct request manipulation despite UI restrictions. This can lead to unauthorized data access, bulk data extraction, and manipulation of system data. Version 8.0.0.3 contains a fix.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- github.com/openemr/openemr/commit/81c097f7852fc60d45adf6c13baa86cd0a1b400bmitrex_refsource_MISC
- github.com/openemr/openemr/releases/tag/v8_0_0_3mitrex_refsource_MISC
- github.com/openemr/openemr/security/advisories/GHSA-54m8-wpg9-9665mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.