Security Advisory

CVE-2026-32123

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-11 20:49:38
Last updated 2026-03-12 14:10:53
Assigner GitHub_M
State PUBLISHED

Description

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, sensitivity checks for group encounters are broken because the code only consults form_encounter for sensitivity, while group encounters store sensitivity in form_groups_encounter. As a result, sensitivity is never correctly applied to group encounters, and users who should be restricted from viewing sensitive (e.g. mental health) encounters can view them. This vulnerability is fixed in 8.0.0.1.