CVE-2026-34053 in OpenEMRthông tin

Tóm tắt

Bởi MITRE • 26/03/2026

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, missing authorization in the AJAX deletion endpoint `interface/forms/procedure_order/handle_deletions.php` allows any authenticated user, regardless of role, to irreversibly delete procedure orders, answers, and specimens belonging to any patient in the system. Version 8.0.0.3 patches the issue.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

chịu trách nhiệm

GitHub M

Đặt trước

25/03/2026

Tiết lộ

26/03/2026

Kiểm duyệt

được chấp nhận

EPSS

0.00415

KEV

không

Các hoạt động

rất thấp

Nguồn

Might our Artificial Intelligence support you?

Check our Alexa App!