Known Vulnerabilities for products from Open-emr
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Open-emr".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-58520 json | Not Provided | 2026-07-01 | 2026-07-01 | |
| CVE-2026-58450 json | Not Provided | 2026-06-30 | 2026-07-01 | |
| CVE-2026-58370 json | Not Provided | 2026-06-30 | 2026-07-02 | |
| CVE-2026-58167 json | Not Provided | 2026-06-30 | 2026-06-30 | |
| CVE-2026-57498 json | Not Provided | 2026-06-29 | 2026-06-30 | |
| CVE-2026-57456 json | Not Provided | 2026-06-25 | 2026-06-26 | |
| CVE-2026-57455 json | Not Provided | 2026-06-25 | 2026-06-25 | |
| CVE-2026-57454 json | Not Provided | 2026-06-25 | 2026-06-26 | |
| CVE-2026-57453 json | Not Provided | 2026-06-25 | 2026-06-26 | |
| CVE-2026-57452 json | Not Provided | 2026-06-25 | 2026-06-25 | |
| CVE-2026-46518 json | OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0... | Not Provided | 2026-06-10 | 2026-06-11 |
| CVE-2023-54347 json | OpenEMR 7.0.1 contains an authentication brute force vulnerability that allows attackers to bypass rate limiting protections ... | Not Provided | 2026-05-05 | 2026-05-05 |
| CVE-2023-22974 json | A Path Traversal in setup.php in OpenEMR < 7.0.0 allows remote unauthenticated users to read arbitrary files by controlling a... | 7.5 - HIGH | 2023-02-22 | 2023-03-03 |
| CVE-2023-22973 json | A Local File Inclusion (LFI) vulnerability in interface/forms/LBF/new.php in OpenEMR < 7.0.0 allows remote authenticated user... | 8.8 - HIGH | 2023-02-22 | 2023-03-03 |
| CVE-2023-22972 json | A Reflected Cross-site scripting (XSS) vulnerability in interface/forms/eye_mag/php/eye_mag_functions.php in OpenEMR < 7.0.0 ... | 5.4 - MEDIUM | 2023-02-22 | 2023-03-03 |
| CVE-2023-2950 json | Improper Authorization in GitHub repository openemr/openemr prior to 7.0.1. | 8.1 - HIGH | 2023-05-28 | 2023-06-01 |
| CVE-2023-2949 json | Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.1. | 6.1 - MEDIUM | 2023-05-28 | 2023-06-01 |
| CVE-2023-2948 json | Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.1. | 6.1 - MEDIUM | 2023-05-28 | 2023-06-01 |
| CVE-2023-2947 json | Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1. | 4.8 - MEDIUM | 2023-05-27 | 2023-06-01 |
| CVE-2023-2946 json | Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1. | 8.1 - HIGH | 2023-05-27 | 2023-06-01 |
Known software with vulnerabilities from Open-emr
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Open-emr | Openemr | 2.0.1.2 |