Skip to content

RadicalNotion.AI

We do not sell or share your personal information

© 2026 RadicalNotion.AI

Security Data

CWE Directory
CAPEC Directory
CNA Directory
CNA Report Cards
Data Sources

Calculators

CVSS Calculator
CVSS 4.0
CVSS 3.1
CVSS 3.0
CVSS 2.0

Platform

My Vulnerabilities
Insights
Notifications
Account
Pricing

Learn

All guides
What is a CVE?
What is CVSS?
The CISA KEV catalog
What is EPSS?

Company

About us
Blog
Book a demo

Get Started

Sign up
Log in

Legal

Privacy
Terms

Security data

Weaknesses (CWE)The MITRE CWE weakness catalog
Attack Patterns (CAPEC)MITRE CAPEC attack patterns
CNAsNumbering authorities + report cards
VendorsVulnerabilities by vendor

Tools

CVSS CalculatorScore CVSS 4.0, 3.1, 3.0 & 2.0

Resources

LearnPlain-English security guides
Data SourcesHow we source CVE data

About Us Blog Pricing Book a Demo

Log in

Home
Vendors
Openemr
Openemr

openemr Vulnerabilities: CVEs, CISA KEV & Security Advisories

210 CVEs

openemr Vulnerabilities

CVE security advisories and vulnerability history for openemr by openemr.

210

Total CVEs

Published

0

In CISA KEV

Exploited in the wild

111

Public exploits

With known exploit

7.0

Avg CVSS

2006–2026

Last updated March 25, 2026

Overview

openemr has 210 published CVE records since 2006, of which 0 are in CISA's Known Exploited Vulnerabilities catalog and 111 have a known public exploit. The average CVSS base score across scored CVEs is 7.0.

This page aggregates every publicly disclosed vulnerability (CVE) affecting openemr, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list.

Severity and exploitation

How the CVSS severity of openemr's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical12

High65

Medium56

Low3

74 additional CVEs have no CVSS severity score.

In CISA’s Known Exploited Vulnerabilities catalog

0

None of openemr's CVEs are currently listed in CISA's KEV catalog.

Public exploits

111

111 of openemr's CVEs have a known public exploit available.

Affected versions and CVEs

Browse every openemr version named in a CVE, then pick one to see only the CVEs that affect it.

Specific versions

Fixed in

b91b73600327acb46252b9fce7d04467eea126fd23 CVEs
7c96c8eefe460d6fadbccbe93d0fa6bf819acd6919 CVEs
8f6b1724e1a71df6a4c2ba0aeaf900a877b2054612 CVEs
d7ddb2dcb11332944c1e193ae0ac32eabe439f7c12 CVEs
6abd4c8c6ef86d2b018b274a33037f533439487d11 CVEs
4f6a815c191c141d03915aee35ea15952c4991928 CVEs
772513b42925374c6a471c770cdfbee8d5eb933f8 CVEs
466c4a32aa633b98a382c35f45fd902688ed83e77 CVEs
56c81eaa9c98a4cb7e9fdeabc139d13e19aa916e7 CVEs
0fadc3e592d84bc9dfe9e0403f8bd6e3c7d8427f6 CVEs
6b904654a45fca8965a49f556d9c517384f92a2e

Find a version

210 CVEs

Sort

OpenEMR has a Privilege Escalation that Allows a Low-Level User to View Admin-Only Data
CVE-2026-34056
Public exploit
CWE-425
High · CVSS 7.7
EPSS 0.0% (8th pct)2026-03-25
OpenEMR has IDOR in Patient Notes Web UI allows unauthorized note access/modification
CVE-2026-34055
Patch
CWE-639
High · CVSS 8.1
EPSS 0.0% (4th pct)2026-03-25
OpenEMR Missing Authorization in Procedure Order AJAX Deletion Handler
CVE-2026-34053
Public exploit
Patch
CWE-862
High · CVSS 7.1
EPSS 0.0% (6th pct)2026-03-25
OpenEMR has Improper ACL On Import/Export Popup
CVE-2026-34051
Public exploit
Patch
CWE-425
Medium · CVSS 5.4
EPSS 0.0% (7th pct)2026-03-25
OpenEMR's Missing Authorization in show-signature.php Allows Portal Patients to Read Staff Signatures
CVE-2026-33934
Public exploit
Patch
CWE-639
Medium · CVSS 4.3
EPSS 0.1% (18th pct)2026-03-25
Reflected XSS via Unescaped contextName Parameter in Custom Template Editor
CVE-2026-33933
Public exploit
Patch
CWE-79
Medium · CVSS 6.1
EPSS 0.0% (7th pct)2026-03-25
OpenEMR has Stored XSS in CCDA Preview via Unsanitized linkHtml Attributes
CVE-2026-33932
Patch
CWE-79
High · CVSS 7.6
EPSS 0.0% (12th pct)2026-03-25
OpenEMR has IDOR in Portal Payment Page that Allows Cross-Patient Record Access
CVE-2026-33931
Public exploit
Patch
CWE-639
Medium · CVSS 6.5
EPSS 0.0% (7th pct)2026-03-25
OpenEMR Missing Authorization on Claim File Download Endpoint
CVE-2026-33918
Patch
CWE-862
High · CVSS 7.6
EPSS 0.0% (15th pct)2026-03-25
OpenEMR has SQL Injection in CAMOS Form
CVE-2026-33917
Public exploit
Patch
CWE-89
High · CVSS 8.8
EPSS 0.0% (0th pct)2026-03-25
OpenEMR Missing ACL Checks on Insurance Company API Routes
CVE-2026-33915
Patch
CWE-862
Medium · CVSS 5.4
EPSS 0.0% (4th pct)2026-03-25
OpenEMR has SQL Injection in PostCalendar Category Delete
CVE-2026-33914
Public exploit
Patch
CWE-89
High · CVSS 7.2
EPSS 0.0% (0th pct)2026-03-25
OpenEMR: XInclude Injection in CCDA Import Allows Reading Arbitrary Server Files
CVE-2026-33913
Public exploit
Patch
CWE-611
High · CVSS 7.7
EPSS 0.1% (22th pct)2026-03-25
OpenEMR has reflected XSS in ajax_download.php via reportID parameter
CVE-2026-33912
Patch
CWE-79
Medium · CVSS 5.4
EPSS 0.0% (7th pct)2026-03-25
OpenEMR vulnerable to reflected XSS in graphs.php via title parameter
CVE-2026-33911
Patch
CWE-79
Medium · CVSS 5.4
EPSS 0.0% (6th pct)2026-03-25
OpenEMR has a SQL Injection Vulnerability in patient selection
CVE-2026-33910
Public exploit
Patch
CWE-89
High · CVSS 7.2
EPSS 0.0% (0th pct)2026-03-25
OpenEMR Vulnerable to SQL Injection via Unsanitized Variables in MedEx Recall/Reminder Processing
CVE-2026-33909
Patch
CWE-89
Medium · CVSS 5.9
EPSS 0.0% (0th pct)2026-03-25
OpenEMR has Stored XSS in patient encounter Eye Exam form $CHRONIC2 and $CHRONIC3
CVE-2026-33348
Public exploit
Patch
CWE-79
High · CVSS 8.7
EPSS 0.0% (10th pct)2026-03-25
OpenEMR has IDOR in Fee Sheet Product Save
CVE-2026-32120
Public exploit
Patch
CWE-639
Medium · CVSS 6.5
EPSS 0.0% (5th pct)2026-03-25
OpenEMR Vulnerable to Authenticated Blind Boolean-Based SQL Injection in new_search_popup.php
CVE-2026-29187
Patch
CWE-89
High · CVSS 8.1
EPSS 0.0% (0th pct)2026-03-25
OpenEMR has stored XSS in portal_payment.php via Unescaped table_args
CVE-2026-33346
Public exploit
Patch
CWE-79
High · CVSS 8.7
EPSS 0.0% (11th pct)2026-03-19
OpenEMR has Authorization Bypass in FaxSMS AppDispatch Constructor
CVE-2026-33305
Public exploit
Patch
CWE-862
Medium · CVSS 5.4
EPSS 0.1% (24th pct)2026-03-19
OpenEMR has Authorization Bypass in Dated Reminders Log
CVE-2026-33304
Public exploit
Patch
CWE-639
Medium · CVSS 6.5
EPSS 0.1% (28th pct)2026-03-19
OpenEMR Vulnerable to Stored XSS via Unescaped portal_login_username in Credential Print View
CVE-2026-33303
Public exploit
Patch
CWE-79
Medium · CVSS 5.4
EPSS 0.0% (7th pct)2026-03-19
OpenEMR: zhAclCheck Ignores Explicit ACL Denies
CVE-2026-33302
Public exploit
Patch
CWE-863
High · CVSS 7.3
EPSS 0.1% (32th pct)2026-03-19
OpenEMR has Out-of-Band Server-Side Request Forgery (OOB SSRF)
CVE-2026-33321
Public exploit
Patch
CWE-918
High · CVSS 7.2
EPSS 0.1% (34th pct)2026-03-19
OpenEMR has arbitrary image file read via PDF generator
CVE-2026-33301
Public exploit
Patch
CWE-116
High · CVSS 7.1
EPSS 0.0% (13th pct)2026-03-19
OpenEMR has Stored XSS in patient encounter Eye Exam form answers
CVE-2026-33299
Public exploit
Patch
CWE-79
High · CVSS 8.5
EPSS 0.2% (46th pct)2026-03-19
OpenEMR has Stored DOM XSS via SearchHighlight text-node reconstruction on Custom Report page
CVE-2026-32119
Public exploit
Patch
CWE-79
Medium · CVSS 4.4
EPSS 0.0% (4th pct)2026-03-19
OpenEMR has Remote Code Execution in backup functionality
CVE-2026-32238
Public exploit
Patch
CWE-78
Critical · CVSS 9.1
EPSS 0.1% (27th pct)2026-03-19

Showing 30 of 210

Common weakness types

The CWE weakness categories most often found in openemr CVEs. Follow any weakness for its full explanation.

CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')44 CVEs
CWE-639Authorization Bypass Through User-Controlled Key16 CVEs
CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')13 CVEs
CWE-862Missing Authorization11 CVEs
CWE-284Improper Access Control6 CVEs
CWE-80Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)4 CVEs
CWE-200Exposure of Sensitive Information to an Unauthorized Actor4 CVEs
CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')4 CVEs

Disclosure activity by year

How many openemr CVEs were published each year.

2007

1

2012

2

2017

6

2018

26

2019

19

2020

1

2021

22

2022

29

2023

14

2024

3

2025

10

2026

74

Other openemr products

Browse vulnerabilities for other products by openemr.

openemr/openemr37 CVEs

All openemr vulnerabilities

Frequently asked questions

Common questions about openemr vulnerabilities.

How many CVEs does openemr openemr have?

openemr openemr has 210 published CVE records since 2006.

How many openemr openemr CVEs are in CISA KEV?

None of openemr openemr's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.

Are there public exploits for openemr openemr vulnerabilities?

Yes — 111 of openemr openemr's CVEs have a known public exploit.

Which versions of openemr openemr are affected?

108 distinct openemr openemr versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.

What are the most common weakness types in openemr openemr CVEs?

openemr openemr's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-639 (Authorization Bypass Through User-Controlled Key), CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')), CWE-862 (Missing Authorization).

How many critical openemr openemr vulnerabilities are there?

openemr openemr has 12 critical and 65 high-severity CVEs.

What is the average severity of openemr openemr CVEs?

The average CVSS base score across openemr openemr's scored CVEs is 7.0.

References

All openemr vulnerabilities
The MITRE CVE Program (opens in a new tab)
Learn: What is a CVE?
CWE directory: the weakness types these CVEs map to

Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.

Track openemr vulnerabilities

Monitor new openemr vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.

Start free See pricing

On this page

Overview
Severity and exploitation
Affected versions and CVEs
Common weakness types
Disclosure activity
Other products
FAQ
References

5 CVEs

42a1c2a6f8dadd7c73da5cf4c06fa0d1ce8b7b984 CVEs

5b02deec705c330594b41a778442f351db2705243 CVEs

699e3c2ef68545357cac714505df1419b8bf20513 CVEs

8410e4c144d72b476cd530c5bb8d4e5db2f0a2553 CVEs

941eacc1cb7c548b42c2e5197ebafe5553a9bc843 CVEs

d0cdc01d817fc9df328e8d1b64c85f9ac09607f93 CVEs

fb33cbdacd6474911caaedd271d443ce41370d283 CVEs

16c3af148f08092d01aef54188b7d7bb1ba632ac2 CVEs

35a67d11567419866d8aa9de0ae355676eeebede2 CVEs

4963fe4932a0a4e1e982642226174e9931d095412 CVEs

728f4bdd4f8c729944c5544589f81374cec7c4f42 CVEs

190918578e1c9b1df08bd21683116967037d957d1 CVE

28ca5c008d4a408b60001a67dfd3e0915f9181e01 CVE

2a5dd0601e1f616251006d7471997ecd7aaf96511 CVE

3e22d11c7175c1ebbf3d862545ce6fee18f706171 CVE

7.0.2.11 CVE

771dd69c5a7d9e2eb382ec99ca5fa99a86ffe62b1 CVE

797be3f604c873e838d0ee19c5bb6a1301ffabae1 CVE

92a2ff9eaaa80674b3a934a6556e35e7aded5a411 CVE

a438d034088620bcc1dd3856a3d5c32d1cb17dcc1 CVE

b8963a5ca483211ed8de71f18227a0e66a2582ad1 CVE

c7ce44f491fa30349e3a3eb7fa1f9afb48cb3ae71 CVE

c87489bf63f2701b634d948279e104f2ed3df1c01 CVE

d132c54f3509537c508fd40c08a27929b61cac1d1 CVE

d141d2ca06fb2171a202c7302dd5d5af8539f2551 CVE

ef3bb7f84ebe8ef54d55416e587ec2fefd0654891 CVE