CVE-2026-34053 in OpenEMRinformazioni

Riassunto

di MITRE • 26/03/2026

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, missing authorization in the AJAX deletion endpoint `interface/forms/procedure_order/handle_deletions.php` allows any authenticated user, regardless of role, to irreversibly delete procedure orders, answers, and specimens belonging to any patient in the system. Version 8.0.0.3 patches the issue.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsabile

GitHub M

Prenotare

25/03/2026

Divulgazione

26/03/2026

Moderazione

accettato

CPE

pronto

EPSS

0.00415

KEV

no

Attività

molto basso

Fonti

Want to stay up to date on a daily basis?

Enable the mail alert feature now!