High-Severity SQL Injection Vulnerability in OpenEMR (CVE-2026-33917)
Severity: High (Score: 72.0)
Sources: Nvd.Nist, Feedly
Summary
A high-severity SQL injection vulnerability (CVE-2026-33917) has been identified in OpenEMR versions prior to 8.0.0.3, affecting the ajax_save CAMOS form. The flaw stems from insufficient input validation and allows authenticated attackers to execute arbitrary database commands. The potential impact includes unauthorized access to, modification of, or deletion of sensitive patient records and electronic health record (EHR) data. The CVSS v3.1 base score is 8.8 (High), with significant implications for confidentiality, integrity, and availability.

Multiple proof-of-concept exploits have been released, increasing the urgency for organizations to patch. A security patch was made available on March 26, 2026, and users are advised to upgrade to version 8.0.0.3 or later. There is currently no evidence of exploitation in the wild, but the risk remains high given the nature of the vulnerability. Organizations should prioritize patching and consider additional access controls (for example, restricting which authenticated users can reach the affected form) until updates are completed.

Key Points:
- CVE-2026-33917 is a high-severity SQL injection vulnerability in OpenEMR.
- Authenticated attackers can exploit this flaw to access sensitive patient data.
- A patch for the vulnerability was released on March 26, 2026, and immediate upgrades are advised.
Key Entities
- SQL Injection (attack_type)
- XSS (vulnerability)
- CVE-2026-33912 (cve)
- CVE-2026-33917 (cve)
- T1059.007 - JavaScript (mitre_attack)
- T1190 - Exploit Public-Facing Application (mitre_attack)
- OpenEMR (platform)