CVE-2026-40076 | OpenMRS up to 2.7.8/2.8.5 REST Endpoint module WebModuleUtil.startModule path traversal

Inserito da Angelo Barbosa | Mag 6, 2026 | CVE

A vulnerability classified as critical was found in OpenMRS up to 2.7.8/2.8.5. Impacted is the function WebModuleUtil.startModule of the file /openmrs/ws/rest/v1/module of the component REST Endpoint. Such manipulation leads to path traversal.

This vulnerability is listed as CVE-2026-40076. The attack may be performed from remote. There is no available exploit.

Upgrading the affected component is advised.

CVE-2026-40076 | OpenMRS up to 2.7.8/2.8.5 REST Endpoint module WebModuleUtil.startModule path traversal

Post correlati

CVE-2026-2469 | directorytree imapengine up to 1.22.2 Downstream ImapConnection.php id injection

CVE-2021-47083 | Linux Kernel up to 5.4.168/5.10.88/5.15.11 mediatek desc[eint_n out-of-bounds

CVE-2024-8369 | EventPrime Plugin up to 4.0.4.3 on WordPress authorization

CVE-2023-42878 | Apple macOS App access control