Known Vulnerabilities for products from Open-Emr
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Open-Emr".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-49380 json | Not Provided | 2026-05-29 | 2026-05-29 | |
| CVE-2026-49325 json | Not Provided | 2026-05-29 | 2026-05-29 | |
| CVE-2026-49238 json | Not Provided | 2026-05-28 | 2026-05-28 | |
| CVE-2026-49059 json | Not Provided | 2026-05-27 | 2026-05-27 | |
| CVE-2026-48832 json | Not Provided | 2026-05-24 | 2026-05-26 | |
| CVE-2026-48792 json | Not Provided | 2026-05-27 | 2026-05-28 | |
| CVE-2026-48735 json | Not Provided | 2026-05-28 | 2026-05-28 | |
| CVE-2026-48249 json | Not Provided | 2026-05-21 | 2026-05-26 | |
| CVE-2026-48248 json | Not Provided | 2026-05-21 | 2026-05-26 | |
| CVE-2026-48247 json | Not Provided | 2026-05-21 | 2026-05-21 | |
| CVE-2023-54347 json | OpenEMR 7.0.1 contains an authentication brute force vulnerability that allows attackers to bypass rate limiting protections ... | Not Provided | 2026-05-05 | 2026-05-05 |
| CVE-2023-22974 json | A Path Traversal in setup.php in OpenEMR < 7.0.0 allows remote unauthenticated users to read arbitrary files by controlling a... | 7.5 - HIGH | 2023-02-22 | 2023-03-03 |
| CVE-2023-22973 json | A Local File Inclusion (LFI) vulnerability in interface/forms/LBF/new.php in OpenEMR < 7.0.0 allows remote authenticated user... | 8.8 - HIGH | 2023-02-22 | 2023-03-03 |
| CVE-2023-22972 json | A Reflected Cross-site scripting (XSS) vulnerability in interface/forms/eye_mag/php/eye_mag_functions.php in OpenEMR < 7.0.0 ... | 5.4 - MEDIUM | 2023-02-22 | 2023-03-03 |
| CVE-2023-2950 json | Improper Authorization in GitHub repository openemr/openemr prior to 7.0.1. | 8.1 - HIGH | 2023-05-28 | 2023-06-01 |
| CVE-2023-2949 json | Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.1. | 6.1 - MEDIUM | 2023-05-28 | 2023-06-01 |
| CVE-2023-2948 json | Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.1. | 6.1 - MEDIUM | 2023-05-28 | 2023-06-01 |
| CVE-2023-2947 json | Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1. | 4.8 - MEDIUM | 2023-05-27 | 2023-06-01 |
| CVE-2023-2946 json | Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1. | 8.1 - HIGH | 2023-05-27 | 2023-06-01 |
| CVE-2023-2945 json | Missing Authorization in GitHub repository openemr/openemr prior to 7.0.1. | 5.4 - MEDIUM | 2023-05-27 | 2023-06-01 |
Known software with vulnerabilities from Open-Emr
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Open-emr | Openemr | 2.0.1.2 |