VYPR

Vendor CVEs

Openemr

All CVEs

217 total · sorted by risk
  • CVE-2026-32118 · Mar 11, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, stored cross-site scripting (XSS) in the Graphical Pain Map ("clickmap") form allows any authenticated clinician to inject arbitrary JavaScript that…

  • CVE-2026-24898 · Mar 3, 2026
    risk 0.00 · cvss · epss 0.01

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0, an unauthenticated token disclosure vulnerability in the MedEx callback endpoint allows any unauthenticated visitor to obtain the practice's MedEx API tokens,…

  • CVE-2026-25146 · Mar 3, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. From 5.0.2 to before 8.0.0, there are (at least) two paths where the gateway_api_key secret value is rendered to the client in plaintext. These secret keys being leaked could…

  • CVE-2026-24848 · Mar 3, 2026
    risk 0.00 · cvss · epss 0.07

    OpenEMR is a free and open source electronic health records and medical practice management application. In 7.0.4 and earlier, the disposeDocument() method in EtherFaxActions.php allows authenticated users to write arbitrary content to arbitrary locations on the server…

  • CVE-2026-25147 · Feb 27, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, in `portal/portal_payment.php`, the patient id used for the page is taken from the request (`$pid = $_REQUEST['pid'] ?? $pid` and `$pid =…

  • CVE-2026-24488 · Feb 27, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. In versions up to and including 8.0.0, an arbitrary file exfiltration vulnerability in the fax sending endpoint allows any authenticated user to read and transmit any file on…

  • CVE-2026-27943 · Feb 26, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. In versions up to and including 8.0.0, the eye exam (eye_mag) view loads data by `form_id` (or equivalent) without verifying that the form belongs to the current user’s…

  • CVE-2026-25930 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Layout-Based Form (LBF) printable view accepts `formid` and `visitid` (or `patientid`) from the request and does not verify that the form belongs…

  • CVE-2026-25929 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the document controller’s `patient_picture` context serves the patient’s photo by document ID or patient ID without verifying that the current…

  • CVE-2026-25927 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the DICOM viewer state API (e.g. upload or state save/load) accepts a document ID (`doc_id`) without verifying that the document belongs to the…

  • CVE-2026-25746 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.03

    OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0 contain a SQL injection vulnerability in prescription that can be exploited by authenticated attackers. The vulnerability exists due to insufficient…

  • CVE-2026-25743 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, users with the "Forms administration" role can fill questionnaires ("forms") in patient encounters. The answers to the forms are displayed on the…

  • CVE-2026-25476 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the session expiration check in `library/auth.inc.php` runs only when `skip_timeout_reset` is not present in the request. When `skip_timeout_reset=1`…

  • CVE-2026-25220 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Message Center accepts the URL parameter `show_all=yes` and passes it to `getPnotesByUser()`, which returns all internal messages (all users’…

  • CVE-2026-25164 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the REST API route table in `apis/routes/_rest_routes_standard.inc.php` does not call `RestConfig::request_authorization_check()` for the document and…

  • CVE-2026-24908 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, an SQL injection vulnerability in the Patient REST API endpoint allows authenticated users with API access to execute arbitrary SQL queries through…

  • CVE-2026-24890 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, an authorization bypass vulnerability in the patient portal signature endpoint allows authenticated portal users to upload and overwrite provider…

  • CVE-2026-24487 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, an authorization bypass vulnerability in the FHIR CareTeam resource endpoint allows patient-scoped FHIR tokens to access care team data for all…

  • CVE-2026-23627 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.01

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, an SQL injection vulnerability in the Immunization module allows any authenticated user to execute arbitrary SQL queries, leading to complete database…

  • CVE-2026-25135 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0 have an information disclosure vulnerability that leaks the entire contact information for all users, organizations, and patients in the system to…

  • CVE-2026-25131 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a Broken Access Control vulnerability exists in the OpenEMR order types management system, allowing low-privilege users (such as Receptionist) to add…

  • CVE-2026-25127 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the server does not properly validate user permission. Unauthorized users can view the information of authorized users. Version 8.0.0 fixes the issue.

  • CVE-2026-25124 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the OpenEMR application is vulnerable to an access control flaw that allows low-privileged users, such as receptionists, to export the entire message…

  • CVE-2026-24896 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a Broken Access Control vulnerability exists in OpenEMR’s edih_main.php endpoint, which allows any authenticated user—including low-privilege…

  • CVE-2026-24847 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Eye Exam form module allows any authenticated user to be redirected to an arbitrary external URL. This can be exploited for phishing attacks…

  • CVE-2026-21443 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the `xl()` translation function returns unescaped strings. While wrapper functions exist for escaping in different contexts (`xlt()` for HTML, `xla()`…

  • CVE-2025-69231 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.04

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a stored cross-site scripting vulnerability in the GAD-7 anxiety assessment form allows authenticated users with clinician privileges to inject…

  • CVE-2025-68277 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, when a link is sent via Secure Messaging, clicking the link opens the website within the OpenEMR/Portal site. This behavior could be exploited for…

  • CVE-2025-67752 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, OpenEMR's HTTP client wrapper (`oeHttp`/`oeHttpRequest`) disables SSL/TLS certificate verification by default (`verify: false`), making all external…

  • CVE-2025-67491 · Feb 25, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Versions 5.0.0.5 through 7.0.3.4 have a stored cross-site scripting vulnerability in the ub04 helper of the billing interface. The variable `$data` is passed in a click event…

  • CVE-2025-67645 · Jan 27, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 7.0.4 have a broken access control in the Profile Edit endpoint. An authenticated normal user can modify the request parameters (pubpid / pid) to reference…

  • CVE-2025-54373 · Jan 27, 2026
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 7.0.4 have a vulnerability where sensitive data is unintentionally revealed to unauthorized parties. Contents of Clinical Notes and Care Plan, where an…

  • CVE-2025-43860 · May 23, 2025
    risk 0.00 · cvss · epss 0.03

    OpenEMR is a free and open source electronic health records and medical practice management application. A stored cross-site scripting (XSS) vulnerability in versions prior to 7.0.3.4 allows any authenticated user with patient creation and editing privileges to inject arbitrary…

  • CVE-2025-32967 · May 23, 2025
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. A logging oversight in versions prior to 7.0.3.4 allows password change events to go unrecorded on the client-side log viewer, preventing administrators from auditing…

  • CVE-2025-32794 · May 23, 2025
    risk 0.00 · cvss · epss 0.04

    OpenEMR is a free and open source electronic health records and medical practice management application. A stored cross-site scripting (XSS) vulnerability in versions prior to 7.0.3.4 allows any authenticated user with patient creation privileges to inject arbitrary JavaScript…

  • CVE-2024-22611 · Apr 3, 2025
    risk 0.00 · cvss · epss 0.05

    OpenEMR 7.0.2 is vulnerable to SQL Injection via \openemr\library\classes\Pharmacy.class.php, \controllers\C_Pharmacy.class.php and \openemr\controller.php.

  • CVE-2025-31117 · Mar 31, 2025
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. An Out-of-Band Server-Side Request Forgery (OOB SSRF) vulnerability was identified in OpenEMR, allowing an attacker to force the server to make unauthorized requests to…

  • CVE-2025-30149 · Mar 31, 2025
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. OpenEMR allows reflected cross-site scripting (XSS) in the AJAX Script interface\super\layout_listitems_ajax.php via the target parameter. This vulnerability is fixed in…

  • CVE-2025-29772 · Mar 31, 2025
    risk 0.00 · cvss · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. The POST parameter hidden_subcategory is output to the page without being properly processed. This leads to a reflected cross-site scripting (XSS) vulnerability in CAMOS…

  • CVE-2025-29789 · Mar 25, 2025
    risk 0.00 · cvss · epss 0.01

    OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 7.3.0 are vulnerable to Directory Traversal in the Load Code feature. Version 7.3.0 contains a patch for the issue.

  • CVE-2024-0875 · Nov 15, 2024
    risk 0.00 · cvss · epss 0.00

    A stored cross-site scripting (XSS) vulnerability exists in openemr/openemr version 7.0.1. An attacker can inject malicious payloads into the 'inputBody' field in the Secure Messaging feature, which can then be sent to other users. When the recipient views the malicious message,…

  • CVE-2024-37734 · Jun 26, 2024
    risk 0.00 · cvss · epss 0.01

    An issue in OpenEMR 7.0.2 allows a remote attacker to escalate privileges via a crafted POST request using the noteid parameter.

  • CVE-2024-26476 · Feb 28, 2024
    risk 0.00 · cvss · epss 0.00

    An issue in open-emr before v.7.0.2 allows a remote attacker to escalate privileges via a crafted script to the formid parameter in the ereq_form.php component.

  • CVE-2023-2950 · May 28, 2023
    risk 0.00 · cvss · epss 0.01

    Improper Authorization in GitHub repository openemr/openemr prior to 7.0.1.

  • CVE-2023-2949 · May 28, 2023
    risk 0.00 · cvss · epss 0.01

    Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.1.

  • CVE-2023-2943 · May 27, 2023
    risk 0.00 · cvss · epss 0.01

    Code Injection in GitHub repository openemr/openemr prior to 7.0.1.

  • CVE-2023-2944 · May 27, 2023
    risk 0.00 · cvss · epss 0.00

    Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.

  • CVE-2023-2946 · May 27, 2023
    risk 0.00 · cvss · epss 0.00

    Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.

  • CVE-2023-2945 · May 27, 2023
    risk 0.00 · cvss · epss 0.00

    Missing Authorization in GitHub repository openemr/openemr prior to 7.0.1.

  • CVE-2023-2942 · May 27, 2023
    risk 0.00 · cvss · epss 0.01

    Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.1.