PT-2026-24848 · Git+1 · Openemr

Chrissub08

Publicado

2026-03-11

Atualizado

2026-03-14

CVE-2026-32127

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions OpenEMR versions prior to 8.0.0.1

Description OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.1 contain a SQL injection issue in the ajax graphs library. This issue can be exploited by authenticated attackers due to insufficient input validation within the ajax graphs library. The vulnerability exists because of inadequate validation of input data.

Recommendations Versions prior to 8.0.0.1 should be updated to version 8.0.0.1 or later.

Exploit

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2026-32127

GHSA-V8Q6-H79F-736X

Produtos afetados

Openemr

PT-2026-24848 · Git+1 · Openemr

CVE-2026-32127

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8