Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

CVE
CVEadded 2026/03/03 10:8 p.m.13 views

CVE-2026-25146

OpenEMR is affected from version 5.0.2 up to, but not including, 8.0.0. In at least two code paths, the gateway_api_key secret value is rendered in plaintext in client-side JavaScript, exposing the key used to authorize payment gateway APIs. This leakage can enable arbitrary money movements or br...

9.6CVSS6AI score0.00444EPSS
Exploits1References4Affected Software1
Cvelist
Cvelistadded 2026/03/03 10:8 p.m.23 views

CVE-2026-25146 OpenEMR's payments gateway_api_key secret rendered into client JS code

OpenEMR is a free and open source electronic health records and medical practice management application. From 5.0.2 to before 8.0.0, there are at least two paths where the gatewayapikey secret value is rendered to the client in plaintext. These secret keys being leaked could result in arbitrary...

9.6CVSS0.00444EPSS
Exploits1References4
EUVD
EUVDadded 2026/03/03 10:8 p.m.6 views

EUVD-2026-9329

OpenEMR is a free and open source electronic health records and medical practice management application. From 5.0.2 to before 8.0.0, there are at least two paths where the gatewayapikey secret value is rendered to the client in plaintext. These secret keys being leaked could result in arbitrary...

9.6CVSS6AI score0.00444EPSS
Exploits1References4
Rows per page
Query Builder