Vulnerability Description
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, users with the `Notes - my encounters` role can fill Eye Exam forms in patient encounters. The answers to the form can be printed out in PDF form. An arbitrary file read vulnerability was identified in the PDF creation function where the form answers are parsed as unescaped HTML, allowing an attacker to include arbitrary image files from the server in the generated PDF. Version 8.0.0.2 fixes the issue.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open-Emr | Openemr | < 8.0.0.2 |
Related Weaknesses (CWE)
References
- https://github.com/openemr/openemr/commit/dccc962f06bdf6105ca85c277915167caf3e7cPatch
- https://github.com/openemr/openemr/security/advisories/GHSA-v9v3-q973-xp2hExploitVendor Advisory
FAQ
What is CVE-2026-33301?
CVE-2026-33301 is a vulnerability with a CVSS score of 8.1 (HIGH). OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, users with the `Notes - my encounters` role can fill Eye Exam forms in patie...
How severe is CVE-2026-33301?
CVE-2026-33301 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-33301?
Check the references section above for vendor advisories and patch information. Affected products include: Open-Emr Openemr.