CVE-2026-33909 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, several variables in the MedE…
Medium CVSS: 5.9

CVE-2026-33909

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, several variables in the MedEx recall/reminder processing code are concatenated directly into SQL queries without parameterization or type casting, enabling SQL injection. Version 8.0.0.3 contains a patch.
Vendor
Open-emr
Product
Openemr
CWE
CWE-89
Yayın Tarihi
2026-03-25 23:17:10
Güncelleme
2026-03-26 18:02:01
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-89 Openemr MEDIUM Open-emr 2026

Referanslar

https://github.com/openemr/openemr/commit/3d11d2fc1622147d4aa6fbca31a471e7402ffc65 https://github.com/openemr/openemr/releases/tag/v8_0_0_3 https://github.com/openemr/openemr/security/advisories/GHSA-6vx2-w9hw-prqj