CVE-2026-34051

Name of the Vulnerable Software and Affected Versions OpenEMR versions prior to 8.0.0.3

Description OpenEMR is an electronic health records and medical practice management application. Improper access control on the Import/Export functionality in versions prior to 8.0.0.3 allows unauthorized users to perform import and export actions through direct request manipulation, bypassing UI restrictions. This can result in unauthorized data access, bulk data extraction, and manipulation of system data.

Recommendations Update to version 8.0.0.3 or later.