2
0
3
0
Vulnerability Timeline
2 vulnerabilities discovered over time for Openemr
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2026-24488 | 6.5 | This vulnerability allows an attacker to send any file from the server, including sensitive information like database credentials and patient documents, to a phone number they control. It can be exploited by any authenticated user of the system, as the application does not properly restrict which files can be accessed or sent. | open-emropenemr | Exploit Available | about 1 month agoFeb 27, 2026 |
| CVE-2022-2824 | 5.4 | This vulnerability allows an attacker to bypass authorization controls and gain access to restricted areas of the OpenEMR application. To exploit this, the attacker needs to manipulate a user-controlled key, which could happen if they have access to the application or its configuration. | open-emropenemr | Exploit Available | over 3 years agoAug 15, 2022 |
About Open-emr Openemr Security
This page provides comprehensive security vulnerability tracking for Open-emr Openemr. Our database includes all CVEs affecting this product, updated in real-time from official sources.
Each vulnerability listing includes detailed CVSS severity analysis, exploit availability status, AI-generated explanations, and direct links to official security patches and vendor advisories.
Security Recommendations
- • Always keep Openemr updated to the latest version
- • Subscribe to security advisories from Open-emr
- • Monitor this page for new vulnerabilities affecting your version
- • Prioritize patching critical and high severity issues immediately