CVE-2026-25135 OpenEMR's location resource for Group.$export operation returns entire patient/user population contact information

OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0 have an information disclosure vulnerability that leaks the entire contact information for all users, organizations, and patients in the system to anyone who has the...