Authorization bypass through user-controlled key in OpenEMR - CVE-2026-34055

 

Published: April 30, 2026


Vulnerability identifier: #VU128544
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-34055
CWE-ID: CWE-639
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: OpenEMR
Affected software:
OpenEMR

Detailed vulnerability description

The vulnerability allows a remote authenticated user to read and modify patient notes belonging to other patients.

The vulnerability exists because the legacy patient notes web UI functions in library/pnotes.inc.php act on a user-supplied note ID without verifying that the note belongs to a patient the requesting user is authorized to access (CWE-639, authorization bypass through a user-controlled key). A remote authenticated user can supply the ID of a note for a patient they are not authorized to access and read or modify that patient's notes.

The affected web UI code paths are those that update, delete, hide, reappear, authorize, or change the message status of notes. No user interaction is required, and the CVSS vector reflects that only low privileges (PR:L) are needed.
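The access-control failure described above, as an added PHP example that is not OpenEMR's own code: a legacy-style note update keyed only on the request-supplied note ID, beside a version that scopes the write to the patient the session is authorized for. The table layout is modelled on a few columns of the pnotes table, the sample rows are constructed, and the function names (updateNoteUnchecked, updateNoteScoped, setMessageStatusScoped, noteBody) are hypothetical; it uses in-memory SQLite through PDO (pdo_sqlite extension) in place of the MySQL database.

```php
<?php
declare(strict_types=1);

// Added example, not OpenEMR code. Table columns are modelled on the pnotes
// table; function names and sample data are assumptions for illustration.
// Requires the pdo_sqlite extension.

function makeDb(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec("CREATE TABLE pnotes (
        id INTEGER PRIMARY KEY,
        pid INTEGER NOT NULL,
        body TEXT NOT NULL,
        message_status TEXT NOT NULL DEFAULT 'New')");
    // Constructed sample data: note 1 belongs to patient 100, note 2 to patient 200.
    $db->exec("INSERT INTO pnotes (id, pid, body) VALUES (1, 100, 'note for patient 100')");
    $db->exec("INSERT INTO pnotes (id, pid, body) VALUES (2, 200, 'note for patient 200')");
    return $db;
}

// Vulnerable pattern (CWE-639): the request-supplied note ID is the only key
// in the WHERE clause, so any authenticated caller can modify any note.
function updateNoteUnchecked(PDO $db, int $noteId, string $body): int
{
    $stmt = $db->prepare('UPDATE pnotes SET body = :body WHERE id = :id');
    $stmt->execute([':body' => $body, ':id' => $noteId]);
    return $stmt->rowCount();
}

// Hardened pattern: the write is additionally scoped to the patient the
// caller is authorized for (in OpenEMR's UI that is the active patient of
// the session). A forged ID belonging to another patient matches zero rows.
function updateNoteScoped(PDO $db, int $noteId, string $body, int $authorizedPid): int
{
    $stmt = $db->prepare('UPDATE pnotes SET body = :body WHERE id = :id AND pid = :pid');
    $stmt->execute([':body' => $body, ':id' => $noteId, ':pid' => $authorizedPid]);
    return $stmt->rowCount();
}

// Every affected path (delete, hide, reappear, authorize, message status)
// needs the same pid scoping; shown once more for the message-status change.
function setMessageStatusScoped(PDO $db, int $noteId, string $status, int $authorizedPid): int
{
    $stmt = $db->prepare(
        'UPDATE pnotes SET message_status = :status WHERE id = :id AND pid = :pid'
    );
    $stmt->execute([':status' => $status, ':id' => $noteId, ':pid' => $authorizedPid]);
    return $stmt->rowCount();
}

function noteBody(PDO $db, int $noteId): string
{
    $stmt = $db->prepare('SELECT body FROM pnotes WHERE id = :id');
    $stmt->execute([':id' => $noteId]);
    return (string) $stmt->fetchColumn();
}

// Demo: the session's active patient is 100; the attacker submits note ID 2.
$activePid = 100;
$forgedNoteId = 2;

$db = makeDb();
$rows = updateNoteUnchecked($db, $forgedNoteId, 'tampered from patient 100 context');
printf("unchecked: %d row(s) changed, note 2 now reads \"%s\"\n", $rows, noteBody($db, 2));

$db = makeDb(); // fresh copy so the scoped run starts from clean data
$rows = updateNoteScoped($db, $forgedNoteId, 'tampered from patient 100 context', $activePid);
printf("scoped:    %d row(s) changed, note 2 still reads \"%s\"\n", $rows, noteBody($db, 2));

$rows = updateNoteScoped($db, 1, 'legitimate edit', $activePid);
printf("scoped, own note: %d row(s) changed\n", $rows);

// Treat zero affected rows as an authorization failure to report, not a
// silent no-op, so the caller can respond with a denial rather than success.
if (setMessageStatusScoped($db, $forgedNoteId, 'Done', $activePid) === 0) {
    echo "status change on note 2 refused: not a note of the active patient\n";
}
```

Run with `php example.php`. The point of the scoped variants is that the authorization decision is made server-side on data the user does not control (the session's patient), never on the note ID alone; with sequential integer IDs, enumeration of other patients' notes is trivial, so obscurity of the ID offers no protection.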


How to mitigate CVE-2026-34055

Install the security update from the vendor's website. Because exploitation needs only a low-privileged authenticated account and no user interaction, prioritize instances where patients or other low-privileged users hold accounts.

Sources