CVE-2026-25746

Published
View on NVD ↗
CVSS v3
8.8
HIGH
CVSS v2
N/A
Affected
2
PROJECTS

Description

OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0 contain a SQL injection vulnerability in prescription that can be exploited by authenticated attackers. The vulnerability exists due to insufficient input validation in the prescription listing functionality. Version 8.0.0 fixes the vulnerability.

openemr/openemr
openemr/openemr
The most popular open source electronic health records and medical practice management solution.
GitHubGitHub
5.21K
ChrisSub08/CVE-2026-25746_SqlInjectionVulnerabilityOpenEMR7.0.4
ChrisSub08/CVE-2026-25746_SqlInjectionVulnerabilityOpenEMR7.0.4
CVE-2026-25746 - SQL Injection Vulnerability in OpenEMR <8.0.0
GitHubGitHub