Description
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a Broken Access Control vulnerability exists in the OpenEMR order types management system, allowing low-privilege users (such as Receptionist) to add and modify procedure types without proper authorization. This vulnerability is present in the /openemr/interface/orders/types_edit.php endpoint. Version 8.0.0 contains a patch.
Published: 2026-02-25
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized modification of procedure types in OpenEMR
Action: Immediate Patch
AI Analysis

Impact

OpenEMR's order types management module contains a broken access control flaw that allows users with low-privilege roles, such as Receptionist, to add or edit procedure types via the /openemr/interface/orders/types_edit.php endpoint. This unauthorized modification undermines the intended control over procedure catalog entries.

Affected Systems

Vulnerable versions are all releases of OpenEMR prior to 8.0.0. The affected product is OpenEMR, an open-source electronic health records system.

Risk and Exploitability

The CVSS score of 8.8 signals a high-severity issue, while an EPSS score of less than 1 percent indicates a low probability of widespread exploitation. The flaw is not listed in the CISA KEV catalog. Exploitation is possible via the web interface by any logged-in user with a low-privilege role; neither elevated permissions nor remote code execution are required.

Generated by OpenCVE AI on April 18, 2026 at 17:43 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenEMR to version 8.0.0 or later, which contains the definitive fix for the broken access control.
  • Revoke or restrict the Receptionist role from the ability to edit procedure types until an upgrade is possible.
  • Conduct regular security scanning of the web application to detect unauthorized changes to procedure type configuration.

Generated by OpenCVE AI on April 18, 2026 at 17:43 UTC.

Tracking


Advisories

No advisories yet.

History

Wed, 25 Feb 2026 17:00:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Open-emr; Open-emr openemr
CPEs                |                | cpe:2.3:a:open-emr:openemr:*:*:*:*:*:*:*:*
Vendors & Products  |                | Open-emr; Open-emr openemr

Wed, 25 Feb 2026 12:00:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Openemr; Openemr openemr
Vendors & Products  |                | Openemr; Openemr openemr

Wed, 25 Feb 2026 02:00:00 +0000

Type        | Values Removed | Values Added
Description |                | OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a Broken Access Control vulnerability exists in the OpenEMR order types management system, allowing low-privilege users (such as Receptionist) to add and modify procedure types without proper authorization. This vulnerability is present in the /openemr/interface/orders/types_edit.php endpoint. Version 8.0.0 contains a patch.
Title       |                | OpenEMR has Broken Access Control in Procedures Configuration
Weaknesses  |                | CWE-862
References  |                |
Metrics     |                | cvssV3_1: score 8.8, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-02-25T20:34:41.500Z

Reserved: 2026-01-29T14:03:42.540Z

Link: CVE-2026-25131

Vulnrichment

No data.

NVD

Status: Analyzed

Published: 2026-02-25T02:16:22.967

Modified: 2026-02-25T16:56:00.153

Link: CVE-2026-25131

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T17:45:06Z

Weaknesses