CVE-2026-47672

CVE-2026-47672 affects the Java client epa4all-client for epa4all/ePA 3.0. In version 1.2.4 and earlier, a network-reachable caller can write arbitrary documents to any patient electronic health record (EHR) accessible by the institution’s SMC-B card. In misconfigured deployments (e.g., following...

PT-2026-40775

Exposed Keycloak management service in the Arqit Symmetric Key Agreement Platform enables unauthorized access to sensitive debug information such as metrics and health data. This issue affects Symmetric Key Agreement Platform: before 26.03...

PT-2026-21816

Name of the Vulnerable Software and Affected Versions OpenEMR versions prior to 7.0.4 Description OpenEMR’s HTTP client wrapper oeHttp/oeHttpRequest has a default setting that disables SSL/TLS certificate verification verify: false. This makes all external HTTPS connections susceptible to...

CVE-2025-53845

An improper authentication vulnerability CWE-287 in Fortinet FortiAnalyzer version 7.6.0 through 7.6.3 and before 7.4.6 allows an unauthenticated attacker to obtain information pertaining to the device's health and status, or cause a denial of service via crafted OFTP requests...

EUVD-2022-37718

Malicious code in bioql PyPI...