CVE-2026-33304

Published: Mar 19, 2026Modified: Mar 20, 2026

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: security-advisories@github.com (Secondary)

Description

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, an authorization bypass in the dated reminders log allows any authenticated non-admin user to view reminder messages belonging to other users, including associated patient names and free-text message content, by crafting a GET request with arbitrary user IDs in the `sentTo[]` or `sentBy[]` parameters. Version 8.0.0.2 fixes the issue.

Affected (1)

Products: Open Emr: Openemr

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Open Emr Openemr	Before 8.0.0.2

Related CWEs

Authorization Bypass Through User-Controlled Key

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

References (2)

https://github.com/openemr/openemr/commit/21dee7658a5f3b18c5750e3fae7324e875c1703a

Source: security-advisories@github.com

Patch

https://github.com/openemr/openemr/security/advisories/GHSA-66j9-ffq4-h222

Source: security-advisories@github.com

ExploitVendor Advisory

Timeline

No history available yet.