CVE-2026-24487
published 2026-02-25CVE-2026-24487: OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, an authorization bypass…
PriorityP340medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EPSS
0.27%
17.9th percentile
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, an authorization bypass vulnerability in the FHIR CareTeam resource endpoint allows patient-scoped FHIR tokens to access care team data for all patients instead of being restricted to only the authenticated patient's data. This could potentially lead to unauthorized disclosure of Protected Health Information (PHI), including patient-provider relationships and care team structures across the entire system. The issue occurs because the `FhirCareTeamService` does not implement the `IPatientCompartmentResourceService` interface and does not pass the patient binding parameter to the underlying service, bypassing the patient compartment filtering mechanism. Version 8.0.0 contains a patch for this issue.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| open-emr | openemr | < 8.0.0 | 8.0.0 |
| openemr | openemr | < 8.0.0 | 8.0.0 |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv4.05.7MEDIUMCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No advisories linked to this vulnerability.
No detection rules found.
No public exploits indexed.
Hackernews
⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More
blogs_hackernews·2026-05-04·CVSS 9.3
CVE-2026-41940 [CRITICAL] ⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More
Home
Threat Intelligence
Vulnerabilities
Cyber Attacks
Webinars
Expert Insights
Awards
Webinars
Awards
Free eBooks
About THN
Jobs
Advertise with us
## ⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More
This week, the shadows moved faster than the patches.
While most teams were still triaging last month’s alerts, attackers had already turned control panels into kill switches, kernels into open doors, and open-source pipelines into silent delivery systems.
The game has shifted from breach to occupation. They’re living inside SaaS sessions, pushing code with trusted commits, and scaling operations like legitimate businesses — except their product is chaos. And the underground is getting uncomfortably professional.
Here’s the full week
Wiz
CVE-2026-24487 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 5.7
CVE-2026-24487 [MEDIUM] CVE-2026-24487 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-24487 :
OpenEMR vulnerability analysis and mitigation
FhirCareTeamService
IPatientCompartmentResourceService
Source : NVD
## 5.7
Score
Published February 25, 2026
Severity MEDIUM
CNA Score 5.7
Affected Technologies
OpenEMR
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 25.1
Exploitation Probability (EPSS) 0.1
Affected packages and libraries
cpe:2.3:a:open-emr:openemr
Sources
Linux Severity MEDIUM Has Fix Added at: Mar 02, 2026
Windows Severity MEDIUM Has Fix Added at: Mar 02, 2026
Linux Severity MEDIUM Has Fix Added at: Mar 03, 2026
Windows Severity MEDIUM Has Fix Added at: Mar 03, 2026
## Get a CVE risk assessment
Get a prioritized view of CVEs in your cloud
2026-02-25
Published