PT-2026-26151 · Openemr · Openemr
Simecek
·
Published
2026-03-18
·
Updated
2026-03-19
·
CVE-2026-25745
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
OpenEMR versions up to and including 8.0.0
Description
OpenEMR is an electronic health records and medical practice management application. In versions up to and including 8.0.0, the message/note update endpoint does not verify that the message belongs to the current patient or that the user is authorized to edit the patient’s notes. An authenticated user with notes permission can modify any patient’s messages by providing another message ID. The vulnerable endpoint is a PUT or POST request to the message/note update endpoint. The vulnerable parameter is the message/note ID. Commit 92a2ff9eaaa80674b3a934a6556e35e7aded5a41 contains a fix for the issue.
Recommendations
Update to a version later than 8.0.0.
Exploit
Fix
LPE
IDOR
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Openemr