4 matches found
EUVD-2026-16014
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, several variables in the MedEx recall/reminder processing code are concatenated directly into SQL queries without parameterization or type casting, enabling SQL...
CVE-2026-33909
OpenEMR prior to v8.0.0.3 is vulnerable to SQL injection in the MedEx recall/reminder processing code, where several variables are concatenated directly into SQL queries without parameterization or type casting. The issue affects components used for recall/reminder processing; CVE-2026-33909 is m...
CVE-2026-33909 OpenEMR Vulnerable to SQL Injection via Unsanitized Variables in MedEx Recall/Reminder Processing
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, several variables in the MedEx recall/reminder processing code are concatenated directly into SQL queries without parameterization or type casting, enabling SQL...
PT-2026-28138
Name of the Vulnerable Software and Affected Versions OpenEMR versions prior to 8.0.0.3 Description OpenEMR is an electronic health records and medical practice management application. Versions prior to 8.0.0.3 contain a flaw where variables used in the MedEx recall/reminder processing code are...