Lucene search
K

6 matches found

NVD
NVD
added 2026/03/25 11:17 p.m.9 views

CVE-2026-33909

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, several variables in the MedEx recall/reminder processing code are concatenated directly into SQL queries without parameterization or type casting, enabling SQL...

5.9CVSS0.0033EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/25 10:35 p.m.4 views

CVE-2026-33909 OpenEMR Vulnerable to SQL Injection via Unsanitized Variables in MedEx Recall/Reminder Processing

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, several variables in the MedEx recall/reminder processing code are concatenated directly into SQL queries without parameterization or type casting, enabling SQL...

5.9CVSS6AI score0.0033EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/25 10:35 p.m.23 views

CVE-2026-33909 OpenEMR Vulnerable to SQL Injection via Unsanitized Variables in MedEx Recall/Reminder Processing

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, several variables in the MedEx recall/reminder processing code are concatenated directly into SQL queries without parameterization or type casting, enabling SQL...

5.9CVSS0.0033EPSS
Exploits0References3
OSV
OSV
added 2026/03/25 10:35 p.m.5 views

CVE-2026-33909 OpenEMR Vulnerable to SQL Injection via Unsanitized Variables in MedEx Recall/Reminder Processing

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, several variables in the MedEx recall/reminder processing code are concatenated directly into SQL queries without parameterization or type casting, enabling SQL...

5.9CVSS6AI score0.0033EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/25 10:35 p.m.2 views

CVE-2026-33909

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, several variables in the MedEx recall/reminder processing code are concatenated directly into SQL queries without parameterization or type casting, enabling SQL...

5.9CVSS6AI score0.0033EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/03/25 10:35 p.m.14 views

CVE-2026-33909

OpenEMR prior to v8.0.0.3 is vulnerable to SQL injection in the MedEx recall/reminder processing code, where several variables are concatenated directly into SQL queries without parameterization or type casting. The issue affects components used for recall/reminder processing; CVE-2026-33909 is m...

5.9CVSS6AI score0.0033EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder