CVE-2026-25744 | OpenEMR up to 8.0.0.2 Encounter Vitals API authorization (GHSA-mv9m-j65p-g55f)

Inserito da Angelo Barbosa | Mar 19, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in OpenEMR up to 8.0.0.2. This issue affects some unknown processing of the component Encounter Vitals API. This manipulation causes authorization bypass.

This vulnerability is handled as CVE-2026-25744. The attack can be initiated remotely. There is not any exploit available.

It is advisable to upgrade the affected component.

CVE-2026-25744 | OpenEMR up to 8.0.0.2 Encounter Vitals API authorization (GHSA-mv9m-j65p-g55f)

Post correlati

CVE-2024-22192 | hyperledger-archives ursa up to 0.3.7 Revocation Schema risky encryption (GHSA-6698-mhxx-r84g)

CVE-2025-50109 | Emerson ValveLink SOLO up to 13.x sensitive information in memory (icsa-25-189-01)

CVE-2025-23409 | OpenHarmony up to 5.0.2 Pre-installed Apps use after free

CVE-2023-20248 | Cisco TelePresence Management Suite Web-based Management Interface cross site scripting (cisco-sa-tms-portal-xss-AXNeVg3s)