PT-2026-26331 · Openemr · Openemr
Simecek · Published 2026-03-19 · Updated 2026-03-23
CVE-2026-25928
CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions: OpenEMR versions prior to 8.0.0.2
Description: OpenEMR is an electronic health records and medical practice management application. The DICOM zip/export feature does not properly sanitize user-supplied paths when creating zip files. This allows an attacker with DICOM upload/export permission to write files outside the intended directory, potentially including the web root. Successful exploitation could lead to arbitrary file write and potentially remote code execution if PHP or other executable files are written. The root cause is the use of a user-supplied destination or path component without sanitizing path traversal sequences such as ../.
Recommendations: Update to OpenEMR version 8.0.0.2 or later.
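The check described above (confining a user-supplied destination or path component to the intended export directory) as an added example; this is illustrative code, not OpenEMR's own implementation or its fix. The function names `safe_export_path`, `is_safe` and `demo`, the rule ordering, and the constructed sample inputs are assumptions chosen for the demonstration.

```python
"""Containment check for export/zip destination paths (added example, not
OpenEMR code). Shows the class of check whose absence leads to a path
traversal like CVE-2026-25928: a user-supplied path component must resolve
to a location inside the intended export directory before any file is
created there."""
import os
import posixpath
import tempfile


class UnsafePathError(ValueError):
    """Raised when a supplied path would escape the export directory."""


def safe_export_path(export_root: str, user_component: str) -> str:
    """Return an absolute path inside export_root for user_component,
    or raise UnsafePathError.

    Rules applied, in order (assumed policy for this example):
      1. Reject empty names and names containing NUL bytes.
      2. Normalise backslashes to '/' so Windows-style separators cannot
         hide a traversal from a POSIX normaliser.
      3. Reject absolute paths: the caller chooses the root, not the user.
      4. Normalise and reject anything that still contains a '..' segment
         or collapses to '.' (posixpath.normpath folds 'a/../b' into 'b'
         but keeps a leading '..').
      5. Resolve symlinks on the real filesystem and confirm the result is
         still under export_root (guards against symlinked subdirectories).
    """
    if not user_component or "\x00" in user_component:
        raise UnsafePathError("empty name or NUL byte in path component")

    normalised = posixpath.normpath(user_component.replace("\\", "/"))

    if normalised.startswith("/"):
        raise UnsafePathError(f"absolute path not allowed: {user_component!r}")

    if normalised == "." or any(seg == ".." for seg in normalised.split("/")):
        raise UnsafePathError(f"path traversal rejected: {user_component!r}")

    root = os.path.realpath(export_root)
    candidate = os.path.realpath(os.path.join(root, normalised))

    # Final containment check: realpath has followed any symlinks, so this is
    # the location that would actually be written to.
    if os.path.commonpath([root, candidate]) != root:
        raise UnsafePathError(f"resolved outside export root: {candidate!r}")

    return candidate


def is_safe(export_root: str, user_component: str) -> bool:
    """True if safe_export_path accepts the component, False if it rejects."""
    try:
        safe_export_path(export_root, user_component)
        return True
    except UnsafePathError:
        return False


def demo() -> dict:
    """Run constructed sample inputs against a temporary export root and
    return a mapping of input -> accepted, so the outcome can be inspected."""
    samples = [
        "study1/series1.zip",        # ordinary nested name: accepted
        "./study1/../study2.zip",    # '..' folded inside the tree: accepted
        "../../uploaded.php",        # classic traversal: rejected
        "..\\..\\uploaded.php",      # backslash variant: rejected
        "/var/www/html/uploaded.php",  # absolute path: rejected
        "study1/\x00.zip",           # NUL byte: rejected
        ".",                         # the root itself, not a file: rejected
    ]
    with tempfile.TemporaryDirectory() as root:
        return {s: is_safe(root, s) for s in samples}


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{'ACCEPT' if ok else 'REJECT'}  {name!r}")
```

The decisive step is the last one: string checks alone can be bypassed by a symlink already present under the export directory, so the resolved real path is compared with the resolved root before any file is created.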

Weakness Enumeration

Path traversal

Related Identifiers

CVE-2026-25928
GHSA-RPPW-F689-6HRM

Affected Products

Openemr