Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2026/03/26 3:8 p.m.8 views

CVE-2026-33305

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, an authorization bypass in the optional FaxSMS module oe-module-faxsms allows any authenticated OpenEMR user to invoke controller methods — including getNotificationLog, whic...

5.4CVSS5.9AI score0.00212EPSS
Exploits1References1
nvd
nvd
added 2026/03/19 9:17 p.m.5 views

CVE-2026-33305

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, an authorization bypass in the optional FaxSMS module oe-module-faxsms allows any authenticated OpenEMR user to invoke controller methods — including getNotificationLog, whic...

5.4CVSS0.00212EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2026/03/19 8:30 p.m.1 views

CVE-2026-33305 OpenEMR has Authorization Bypass in FaxSMS AppDispatch Constructor

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, an authorization bypass in the optional FaxSMS module oe-module-faxsms allows any authenticated OpenEMR user to invoke controller methods — including getNotificationLog, whic...

5.4CVSS5.9AI score0.00212EPSS
Exploits1References2
cve
cve
added 2026/03/19 8:30 p.m.16 views

CVE-2026-33305

OpenEMR (prior to 8.0.0.2) exposes an authorization bypass in the optional FaxSMS app: the AppDispatch constructor dispatches user-controlled actions, allowing any authenticated user to invoke controller methods (e.g., getNotificationLog) and access PHI without the required ACLs. The issue affect...

5.4CVSS5.9AI score0.00212EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2026/03/19 8:30 p.m.23 views

CVE-2026-33305 OpenEMR has Authorization Bypass in FaxSMS AppDispatch Constructor

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, an authorization bypass in the optional FaxSMS module oe-module-faxsms allows any authenticated OpenEMR user to invoke controller methods — including getNotificationLog, whic...

5.4CVSS0.00212EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2026/03/19 12:0 a.m.10 views

PT-2026-26347

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, an authorization bypass in the optional FaxSMS module oe-module-faxsms allows any authenticated OpenEMR user to invoke controller methods — including getNotificationLog, whic...

5.4CVSS5.9AI score0.00212EPSS
Exploits1References6
Rows per page
Query Builder