Back to CVE List

CVE-2026-25127

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score
6.5 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Vulnerability Description

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the server does not properly validate user permission. Unauthorized users can view the information of authorized users. Version 8.0.0 fixes the issue.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-863
Source
NVD
Vendor
openemr
Product
openemr

External References

Discussion (0)

Add Comment

No comments yet. Be the first!