CVE Vulnerabilities - 26 March 2026

15 vulnerabilities published on 26 March 2026

WP Job Portal Plugin Deletes Any File on WordPress Site
CVE-2026-4758
The WP Job Portal plugin for WordPress allows an attacker with a low-level account to delete any file on the site, potentially leading to serious data loss or security breaches. This issue affects all...
8.8
OpenEMR versions before 8.0.0.3 allow hackers to access sensitive data
CVE-2026-33917
OpenEMR's free electronic health records system has a security flaw that could allow an attacker with a login to access sensitive information. This issue allows hackers to access data they shouldn't h...
8.8
OpenEMR allows unauthorized access to patient notes
CVE-2026-34055
Prior to version 8.0.0.3, OpenEMR didn't properly check user permissions when updating or deleting patient notes, potentially allowing unauthorized users to access sensitive information. This has been...
8.1
OpenEMR: Unauthorized access to sensitive medical records
CVE-2026-34056
A security issue in OpenEMR allows unauthorized users to view and download sensitive medical records, potentially exposing patient information. This could lead to unauthorized data disclosure and misu...
7.7
OpenEMR: Malicious Code Can Run in Clinician's Browser
CVE-2026-33932
Before a software update, a security issue in OpenEMR allowed a hacker to inject malicious code into a patient's medical document, potentially harming the clinician's computer or stealing sensitive in...
7.6
OpenEMR: Unrestricted access to sensitive billing files
CVE-2026-33918
OpenEMR's billing file-download feature had a security weakness allowing authorized users without billing privileges to access and delete sensitive files containing patient health information. This ha...
7.6
OpenEMR PostCalendar module exposes sensitive data
CVE-2026-33914
OpenEMR's PostCalendar module in versions prior to 8.0.0.3 has a security flaw that could allow unauthorized access to sensitive information. This affects medical practices using OpenEMR. To protect y...
7.2
OpenEMR <= 8.0.0.2: Unauthorized Users Can Delete Patient Data
CVE-2026-34053
Using OpenEMR, any authorized user can delete sensitive patient data, including medical records and test results, by exploiting a previously patched bug. This can lead to lost or altered patient infor...
7.1
OpenEMR Patient Payment Data Accessible to Wrong Accounts
CVE-2026-33931
OpenEMR's patient payment portal allowed anyone with an account to see payment records for other patients, including sensitive financial and personal data, by manipulating a specific query. This has b...
6.5
SourceCodester Sales and Inventory System 1.0: Unsecured Stock Updates
CVE-2026-4826
A security issue exists in SourceCodester Sales and Inventory System 1.0, which allows unauthorized access to sensitive data when updating stock levels. This could potentially lead to data breaches or...
5.3
OpenEMR: Hackers can take over staff members' browser sessions
CVE-2026-33933
OpenEMR's custom template editor has a bug that allows a hacker to take control of a staff member's computer session by tricking them into visiting a malicious website. This could allow the hacker to ...
6.1
OpenEMR: Unrestricted Import/Export Access for Unauthorized Users
CVE-2026-34051
The free OpenEMR system for managing medical records has a security issue that allows unauthorized people to access, extract, and manipulate sensitive patient data. This happens because the system doe...
5.4
OpenEMR versions prior to 8.0.0.3 allow unauthorized access to insurance info
CVE-2026-33915
Prior to version 8.0.0.3, OpenEMR's insurance company data can be accessed or modified by users without proper permission. This is a security risk because sensitive patient information can be compromi...
5.4
OpenEMR: Patient Portal Users Can Access Staff Signatures
CVE-2026-33934
OpenEMR's patient portal in versions before 8.0.0.3 allows any patient portal user to view the signature of any medical staff member. This could be a concern for patient confidentiality and data prote...
4.3
Incorrect User ID Parsing in crun Containers
CVE-2026-30892
Crun versions 1.19-1.26 incorrectly interpret the `-u` option, allowing a process to run with higher privileges than intended. This could lead to unauthorized access to system resources. Upgrade to ve...
0.0