Authorization bypass through user-controlled key in OpenEMR - CVE-2026-34055


Published: April 30, 2026


Vulnerability identifier: #VU128544
CSH Severity: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-34055
CWE-ID: CWE-639
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: OpenEMR
Software vendor: OpenEMR

Description

The vulnerability allows a remote user to read and modify patient notes belonging to other patients.

The vulnerability exists due to authorization bypass through a user-controlled key in the legacy patient notes web UI functions in library/pnotes.inc.php when handling user-supplied note IDs. A remote user can supply a note ID for a patient they are not authorized to access to read and modify patient notes belonging to other patients.

The issue affects web UI code paths that update, delete, hide, reappear, authorize, or change message status for notes, and user interaction is not required.
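The following is an added illustration of the CWE-639 pattern this advisory describes; it is not code from OpenEMR or library/pnotes.inc.php. The table name, columns and handler functions are assumptions. The point is that the note ID supplied by the client must never be the only selector: the query has to be scoped by the patient the caller is authorized for, which the server derives from its own session state.

```php
<?php
// Added example (not OpenEMR code). Hypothetical pnotes table with a patient
// id (pid) per note; an in-memory SQLite database stands in for the real one.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE pnotes (id INTEGER PRIMARY KEY, pid INTEGER NOT NULL,
           body TEXT, deleted INTEGER NOT NULL DEFAULT 0)");
$db->exec("INSERT INTO pnotes (id, pid, body) VALUES
           (1, 100, 'constructed note for patient 100'),
           (2, 200, 'constructed note for patient 200')");

// Vulnerable pattern (CWE-639): the user-controlled key alone selects the row,
// so any caller who can guess or enumerate an id can act on any patient's note.
function deleteNoteVulnerable(PDO $db, int $noteId): int
{
    $stmt = $db->prepare("UPDATE pnotes SET deleted = 1 WHERE id = ?");
    $stmt->execute([$noteId]);
    return $stmt->rowCount();
}

// Hardened pattern: the same write is additionally constrained to the patient
// the caller is authorized for. $authorizedPid comes from server-side session
// or ACL resolution (assumed to happen elsewhere), never from the request.
// A result of 0 rows means "not found or not yours"; both are treated as denied.
function deleteNoteChecked(PDO $db, int $noteId, int $authorizedPid): int
{
    $stmt = $db->prepare("UPDATE pnotes SET deleted = 1 WHERE id = ? AND pid = ?");
    $stmt->execute([$noteId, $authorizedPid]);
    return $stmt->rowCount();
}

// Caller whose session is bound to patient 100 submits the id of patient 200's note.
$sessionPid = 100;
$crossPatientNote = 2;

// Vulnerable handler: the cross-patient write is accepted.
$affected = deleteNoteVulnerable($db, $crossPatientNote);
echo "vulnerable handler, rows changed: {$affected}\n";
$db->exec("UPDATE pnotes SET deleted = 0"); // reset for the second run

// Hardened handler: the cross-patient write changes nothing and is reported as denied.
$affected = deleteNoteChecked($db, $crossPatientNote, $sessionPid);
echo "checked handler, cross-patient rows changed: {$affected}\n";

// Hardened handler on the caller's own note still works.
$affected = deleteNoteChecked($db, 1, $sessionPid);
echo "checked handler, own-note rows changed: {$affected}\n";
```

The same `AND pid = ?` ownership predicate belongs on every code path the advisory lists (update, delete, hide, reappear, authorize, message status), and a zero-row result should be logged as a denied access attempt rather than silently ignored, since repeated misses on sequential note IDs are the detection signal for this class of bug.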


Remediation

Install the security update from the vendor's website.

External links