Vulnerabilities

CVE-2026-33909

by Fred · 25/03/2026

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, several variables in the MedEx recall/reminder processing code are concatenated directly into SQL queries without parameterization or type casting, enabling SQL injection. Version 8.0.0.3 contains a patch.

More information : https://github.com/openemr/openemr/commit/3d11d2fc1622147d4aa6fbca31a471e7402ffc65

Similar

Tags: Cybersecurity Alert