CVE-2026-33913

Publication date

2026-03-25 22:52:50

Family

GitHub_M

State

PUBLISHED

Description

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, an authenticated user with access to the Carecoordination module can upload a crafted CCDA document containing `` to read arbitrary files from the server. Version 8.0.0.3 patches the issue.