
Open-Emr Openemr vulnerabilities

216 known vulnerabilities affecting open-emr/openemr.

Total CVEs: 216
CISA KEV: 0
Public exploits: 20
Exploited in wild: 0
Severity breakdown: CRITICAL 14, HIGH 80, MEDIUM 120, LOW 2

Vulnerabilities

Page 6 of 11
Columns: CVE | Priority | Severity | CVSS | Fixed in / affected versions | Date

CVE-2023-2942 | P3 | HIGH | CVSS 8.1 | fixed in 7.0.1 | 2023-05-27
  CWE-20: Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.1.
  Source: NVD

CVE-2022-4567 | P3 | HIGH | CVSS 8.1 | fixed in 7.0.0.2 | 2022-12-17
  CWE-284: Improper Access Control in GitHub repository openemr/openemr prior to 7.0.0.2.
  Source: NVD

CVE-2023-2946 | P3 | HIGH | CVSS 8.1 | fixed in 7.0.1 | 2023-05-27
  CWE-284: Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.
  Source: NVD

CVE-2025-67752 | P3 | HIGH | CVSS 8.1 | fixed in 7.0.4 | 2026-02-25
  CWE-295: OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, OpenEMR's HTTP client wrapper (`oeHttp`/`oeHttpRequest`) disables SSL/TLS certificate verification by default (`verify: false`), making all external HTTPS connections vulnerable to man-in-the-middle (MITM) attacks. This affe…
  Source: NVD

CVE-2025-29789 | P3 | HIGH | CVSS 7.5 | fixed in 7.0.3 | 2025-03-25
  CWE-23: OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 7.3.0 are vulnerable to Directory Traversal in the Load Code feature. Version 7.3.0 contains a patch for the issue.
  Source: NVD

CVE-2026-24488 | P3 | MEDIUM | CVSS 6.5 | ≤ 8.0.0 | 2026-02-27
  CWE-22: OpenEMR is a free and open source electronic health records and medical practice management application. In versions up to and including 8.0.0, an arbitrary file exfiltration vulnerability in the fax sending endpoint allows any authenticated user to read and transmit any file on the server (including database credentials, patient documents, system fi…
  Source: NVD

CVE-2026-46518 | P3 | HIGH | CVSS 8.7 | fixed in 8.0.0.1 | 2026-06-10
  CWE-79: OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.1, a stored cross-site scripting vulnerability in the prescription CSS/HTML multi-print feature allows a patient portal user to execute arbitrary JavaScript in a clinician's browser session. Patient demographic fields (name, a…
  Source: NVD

CVE-2022-2732 | P3 | HIGH | CVSS 8.3 | fixed in 7.0.0.1 | 2022-08-09
  CWE-862: Missing Authorization in GitHub repository openemr/openemr prior to 7.0.0.1.
  Source: NVD

CVE-2025-32794 | P3 | HIGH | CVSS 7.6 | fixed in 7.0.3.4 | 2025-05-23
  CWE-79: OpenEMR is a free and open source electronic health records and medical practice management application. A stored cross-site scripting (XSS) vulnerability in versions prior to 7.0.3.4 allows any authenticated user with patient creation privileges to inject arbitrary JavaScript code into the system by entering malicious payloads in the First and Last Na…
  Source: NVD

CVE-2017-1000241 | P3 | HIGH | CVSS 8.1 | ≤ 5.0.1 | 2017-11-17
  CWE-269: The application OpenEMR version 5.0.0, 5.0.1-dev and prior is affected by a vertical privilege escalation vulnerability. This vulnerability can allow authenticated non-administrator users to view and modify information only accessible to administrators.
  Source: NVD

CVE-2023-2950 | P3 | HIGH | CVSS 8.1 | fixed in 7.0.1 | 2023-05-28
  CWE-285: Improper Authorization in GitHub repository openemr/openemr prior to 7.0.1.
  Source: NVD

CVE-2025-43860 | P3 | HIGH | CVSS 7.6 | fixed in 7.0.3.4 | 2025-05-23
  CWE-79: OpenEMR is a free and open source electronic health records and medical practice management application. A stored cross-site scripting (XSS) vulnerability in versions prior to 7.0.3.4 allows any authenticated user with patient creation and editing privileges to inject arbitrary JavaScript code into the system by entering malicious payloads in the (1) T…
  Source: NVD

CVE-2022-1459 | P3 | HIGH | CVSS 8.3 | fixed in 6.1.0.1 | 2022-04-25
  CWE-1118: Non-Privilege User Can View Patient's Disclosures in GitHub repository openemr/openemr prior to 6.1.0.1.
  Source: NVD

CVE-2013-4620 | P4 | MEDIUM | CVSS 4.3 | v4.1.1 (public PoC) | 2013-08-09
  CWE-79: Cross-site scripting (XSS) vulnerability in interface/main/onotes/office_comments_full.php in OpenEMR 4.1.1 allows remote attackers to inject arbitrary web script or HTML via the note parameter.
  Source: NVD

CVE-2026-24896 | P3 | MEDIUM | CVSS 6.5 | fixed in 8.0.0 | 2026-02-25
  CWE-284: OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a Broken Access Control vulnerability exists in OpenEMR's edih_main.php endpoint, which allows any authenticated user, including low-privilege roles like Receptionist, to access EDI log files by manipulating the log_select p…
  Source: NVD

CVE-2026-32120 | P3 | MEDIUM | CVSS 6.3 | fixed in 8.0.0.3 | 2026-03-25
  CWE-639: OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, an Insecure Direct Object Reference (IDOR) vulnerability in the fee sheet product save logic (`library/FeeSheet.class.php`) allows any authenticated user with fee sheet ACL access to delete, modify, or read `drug_sales`…
  Source: NVD

CVE-2026-25147 | P3 | HIGH | CVSS 7.1 | fixed in 8.0.0 | 2026-02-27
  CWE-639: OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, in `portal/portal_payment.php`, the patient id used for the page is taken from the request (`$pid = $_REQUEST['pid'] ?? $pid` and `$pid = ($_REQUEST['hidden_patient_code'] ?? null) > 0 ? $_REQUEST['hidden_patient_code'] : $p…
  Source: NVD

CVE-2026-33931 | P3 | MEDIUM | CVSS 6.5 | fixed in 8.0.0.3 | 2026-03-26
  CWE-639: OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, an Insecure Direct Object Reference (IDOR) vulnerability in the patient portal payment page allows any authenticated portal patient to access other patients' payment records, including invoice/billing data (PHI) and pay…
  Source: NVD

CVE-2026-33304 | P3 | MEDIUM | CVSS 6.5 | fixed in 8.0.0.2 | 2026-03-19
  CWE-639: OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, an authorization bypass in the dated reminders log allows any authenticated non-admin user to view reminder messages belonging to other users, including associated patient names and free-text message content, by crafting a GET r…
  Source: NVD

CVE-2026-34056 | P3 | MEDIUM | CVSS 6.5 | ≤ 8.0.0.3 | 2026-03-26
  CWE-285: OpenEMR is a free and open source electronic health records and medical practice management application. A Broken Access Control vulnerability in OpenEMR up to and including version 8.0.0.3 allows low-privilege users to view and download Ensora eRx error logs without proper authorization checks. This flaw compromises system confidentiality by exposi…
  Source: NVD