CVE-2026-27943 | OpenEMR up to 8.0.0 eye_mag form_id authorization (GHSA-q96x-qw99-6xq9)

Inserito da Angelo Barbosa | Feb 26, 2026 | CVE

A vulnerability marked as problematic has been reported in OpenEMR up to 8.0.0. This impacts the function eye_mag. The manipulation of the argument form_id leads to authorization bypass.

This vulnerability is traded as CVE-2026-27943. It is possible to initiate the attack remotely. There is no exploit available.

To fix this issue, it is recommended to deploy a patch.

CVE-2026-27943 | OpenEMR up to 8.0.0 eye_mag form_id authorization (GHSA-q96x-qw99-6xq9)

Post correlati

CVE-2025-4647 | Centreon Web up to 22.10.28/23.04.26/23.10.21/24.04.10/24.10.4 cross site scripting

CVE-2024-2448 | Progress LoadMaster up to 7.1.35.10/7.2.48.10/7.2.54.8/7.2.59.2 os command injection

CVE-2024-5520 | Alkacon OpenCMS 16 Admin Panel title cross site scripting

CVE-2024-6107 | Canonical MAAS up to 3.1.3/3.2.10/3.3.7/3.4.3/3.5.0 RPC Command improper authentication