CVE-2025-67645
published 2026-01-28


Priority: P357
Severity: high (8.8, CVSS 3.1)
CVSS 3.1 vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.33% (25.1th percentile)
OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 7.0.4 have a broken access control in the Profile Edit endpoint. An authenticated normal user can modify the request parameters (pubpid / pid) to reference another user’s record; the server accepts the modified IDs and applies the changes to that other user’s profile. This allows one user to alter another user’s profile data (name, contact info, etc.), and could enable account takeover. Version 7.0.4 fixes the issue.

Affected (2 ranges)

Vendor     Product   Version range   Fixed in
open-emr   openemr   (not given)     (not given)
openemr    openemr   < 7.0.4         7.0.4