CVE-2026-21443
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the xl translation function returns unescaped strings. While wrapper functions exist for escaping in different contexts: xlt for HTML, xla for attributes, xlj for...
CVE-2026-21443 OpenEMR allows inconsistent escaping of translation function output
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the xl translation function returns unescaped strings. While wrapper functions exist for escaping in different contexts: xlt for HTML, xla for attributes, xlj for...
OpenEMR security vulnerability
OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0 contained security...
PT-2026-21822
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the xl translation function returns unescaped strings. While wrapper functions exist for escaping in different contexts: xlt for HTML, xla for attributes, xlj for...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993040)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993040 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in DCN30 color transformation. This commit addresses a...
Liblouis security vulnerability
Liblouis is an open source Braille translator written in C. A security vulnerability exists in Liblouis version v.3.24.0, which stems from a buffer overflow vulnerability that can be exploited by remote attackers to cause a denial of service via the compileTranslationTable.c and lousetDataPath...
elfutils heap buffer overread vulnerability
elfutils is a collection of utilities and libraries for reading, creating, and modifying ELF binaries, finding and manipulating DWARF debug data, symbols, thread states, and stack traces for processes and kernel files on GNU/Linux. A heap buffer over-read vulnerability exists in the elf32xlatetom...
kernel: vhost: fix length for cross region descriptor
The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges...