6 matches found
CVE-2026-33301
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, users with the Notes - my encounters role can fill Eye Exam forms in patient encounters. The answers to the form can be printed out in PDF form. An arbitrary file read...
CVE-2026-33321
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, users with the Notes - my encounters role can fill Eye Exam forms in patient encounters. The answers to the form can be printed out in PDF form. An Out-of-Band Server-Side...
CVE-2026-33321 OpenEMR has Out-of-Band Server-Side Request Forgery (OOB SSRF)
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, users with the Notes - my encounters role can fill Eye Exam forms in patient encounters. The answers to the form can be printed out in PDF form. An Out-of-Band Server-Side...
CVE-2026-33301 OpenEMR has arbitrary image file read via PDF generator
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, users with the Notes - my encounters role can fill Eye Exam forms in patient encounters. The answers to the form can be printed out in PDF form. An arbitrary file read...
CVE-2026-33301
OpenEMR (before version 8.0.0.2) is affected by an arbitrary image file read via the PDF generator. The vulnerability arises in the PDF creation function where form answers are parsed as unescaped HTML, enabling an attacker with the Notes - my encounters role to cause the generated PDF to include...
PT-2026-26335
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, users with the Notes - my encounters role can fill Eye Exam forms in patient encounters. The answers to the form can be printed out in PDF form. An arbitrary file read...