Open-emr

175 tracked vulnerabilities.

CVE-2026-25146 CRITICAL
OpenEMR 5.0.2-7.9.9 - Info Disclosure
Mar 03, 2026
CVSS 9.6
EPSS 0.00
CVE-2026-24898 CRITICAL
OpenEMR <8.0.0 - Info Disclosure
Mar 03, 2026
CVSS 10.0
EPSS 0.00
CVE-2026-24848 CRITICAL
OpenEMR <=7.0.4 - Authenticated RCE
Mar 03, 2026
CVSS 9.9
EPSS 0.00
CVE-2026-25147 HIGH
OpenEMR <8.0.0 - Auth Bypass
Feb 27, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-24488 MEDIUM
OpenEMR <=8.0.0 - Arbitrary File Exfiltration
Feb 27, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-27943 MEDIUM
OpenEMR <=8.0.0 - Privilege Escalation
Feb 26, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-25930 MEDIUM
OpenEMR <8.0.0 - Auth Bypass
Feb 25, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-25929 MEDIUM
OpenEMR <8.0.0 - Auth Bypass
Feb 25, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-25927 HIGH
OpenEMR <8.0.0 - Auth Bypass
Feb 25, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-25746 HIGH
OpenEMR <8.0.0 - SQL Injection
Feb 25, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-25743 MEDIUM
OpenEMR <8.0.0 - Stored XSS
Feb 25, 2026
CVSS 4.8
EPSS 0.00
CVE-2026-25476 HIGH
OpenEMR <8.0.0 - Auth Bypass
Feb 25, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-25220 MEDIUM
OpenEMR <8.0.0 - Privilege Escalation
Feb 25, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-25164 HIGH
OpenEMR <8.0.0 - Auth Bypass
Feb 25, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-24908 CRITICAL
OpenEMR <8.0.0 - SQL Injection
Feb 25, 2026
CVSS 9.9
EPSS 0.00
CVE-2026-24890 HIGH
OpenEMR <8.0.0 - Auth Bypass
Feb 25, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-24487 MEDIUM
OpenEMR <8.0.0 - Auth Bypass
Feb 25, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-23627 HIGH
OpenEMR <8.0.0 - SQL Injection
Feb 25, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-25135 MEDIUM
OpenEMR <8.0.0 - Info Disclosure
Feb 25, 2026
CVSS 4.5
EPSS 0.00
CVE-2026-25131 HIGH
OpenEMR <8.0.0 - Privilege Escalation
Feb 25, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-25127 MEDIUM
OpenEMR <8.0.0 - Privilege Escalation
Feb 25, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-25124 MEDIUM
OpenEMR <8.0.0 - Privilege Escalation
Feb 25, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-24896 MEDIUM
OpenEMR <8.0.0 - Broken Access Control
Feb 25, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-24849 CRITICAL
OpenEMR <7.0.4 - Path Traversal
Feb 25, 2026
CVSS 9.9
EPSS 0.00
CVE-2026-24847 MEDIUM
OpenEMR <8.0.0 - Open Redirect
Feb 25, 2026
CVSS 6.1
EPSS 0.00
Products
openemr 175
Quick Filters
Critical CVEs With Exploits In CISA KEV