Description
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, a Blind SQL Injection vulnerability exists in the Patient Search functionality (/interface/new/new_search_popup.php). The vulnerability allows an authenticated attacker to execute arbitrary SQL commands by manipulating the HTTP parameter keys rather than the values. Version 8.0.0.3 contains a patch.
Published: 2026-03-25
Score: 8.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Database Compromise
Action: Immediate Patch
AI Analysis

Impact

The vulnerability is a blind Boolean‑based SQL injection located in the Patient Search feature (/interface/new/new_search_popup.php). Attackers can manipulate the names of HTTP parameters instead of their values, causing the application to construct SQL statements from these keys. This flaw enables attackers to execute arbitrary SQL commands against the database, potentially extracting, modifying, or deleting patient records. The likely attack vector is an authenticated user who can access the patient search page, as the flaw exists only when authenticated credentials are present.

Affected Systems

The affected product is OpenEMR, distributed by openemr. All releases prior to version 8.0.0.3 are vulnerable. The issued patch is included in release 8.0.0.3, which removes the vulnerable code path.

Risk and Exploitability

The CVSS base score of 8.1 indicates high severity, and an EPSS score of less than 1% suggests the probability of exploitation is low at present. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires a valid authenticated session with access to the patient search interface; no privilege escalation beyond the existing user level is necessary. Successful exploitation would compromise the confidentiality and integrity of the database, allowing attackers to read, modify, or delete sensitive medical information.

Generated by OpenCVE AI on March 26, 2026 at 17:54 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenEMR to version 8.0.0.3 or later to apply the patch that removes the vulnerable code path.
  • If an upgrade is not immediately feasible, restrict patient search access to only the minimum set of users needed for their role and monitor for abnormal query patterns.
  • Review database user permissions to ensure the application operates with the least privilege necessary, limiting potential damage from a successful injection.

Generated by OpenCVE AI on March 26, 2026 at 17:54 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 26 Mar 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 26 Mar 2026 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Open-emr
Open-emr openemr
CPEs cpe:2.3:a:open-emr:openemr:*:*:*:*:*:*:*:*
Vendors & Products Open-emr
Open-emr openemr

Thu, 26 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Openemr
Openemr openemr
Vendors & Products Openemr
Openemr openemr

Wed, 25 Mar 2026 23:00:00 +0000

Type Values Removed Values Added
References

Wed, 25 Mar 2026 22:45:00 +0000

Type Values Removed Values Added
Description OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, a Blind SQL Injection vulnerability exists in the Patient Search functionality (/interface/new/new_search_popup.php). The vulnerability allows an authenticated attacker to execute arbitrary SQL commands by manipulating the HTTP parameter keys rather than the values. Version 8.0.0.3 contains a patch.
Title OpenEMR Vulnerable to Authenticated Blind Boolean-Based SQL Injection in new_search_popup.php
Weaknesses CWE-89
References
Metrics cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N'}

Subscriptions

Open-emr Openemr
Openemr Openemr
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-26T19:52:12.052Z

Reserved: 2026-03-04T14:44:00.714Z

Link: CVE-2026-29187

cve-icon Vulnrichment

Updated: 2026-03-26T19:51:03.913Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-25T23:17:09.340

Modified: 2026-03-26T16:19:59.843

Link: CVE-2026-29187

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-27T09:29:31Z

Weaknesses