{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T06:46:17.232","vulnerabilities":[{"cve":{"id":"CVE-2026-25164","sourceIdentifier":"security-advisories@github.com","published":"2026-02-25T19:43:21.827","lastModified":"2026-02-27T14:41:30.330","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the REST API route table in `apis/routes/_rest_routes_standard.inc.php` does not call `RestConfig::request_authorization_check()` for the document and insurance routes. Other patient routes in the same file (e.g. encounters, patients/med) call it with the appropriate ACL. As a result, any valid API bearer token can access or modify every patient's documents and insurance data, regardless of the token’s OpenEMR ACLs—effectively exposing all document and insurance PHI to any authenticated API client. Version 8.0.0 patches the issue."},{"lang":"es","value":"OpenEMR es una aplicación de código abierto y gratuita para registros de salud electrónicos y gestión de consultorios médicos. Antes de la versión 8.0.0, la tabla de rutas de la API REST en 'apis/routes/_rest_routes_standard.inc.php' no llama a 'RestConfig::request_authorization_check()' para las rutas de documentos y seguros. Otras rutas de pacientes en el mismo archivo (por ejemplo, encuentros, pacientes/med) la llaman con la ACL apropiada. Como resultado, cualquier token portador de API válido puede acceder o modificar los documentos y datos de seguro de cada paciente, independientemente de las ACL de OpenEMR del token —exponiendo eficazmente toda la información de salud protegida (PHI) de documentos y seguros a cualquier cliente de API autenticado. La versión 8.0.0 corrige el problema."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:open-emr:openemr:*:*:*:*:*:*:*:*","versionEndExcluding":"8.0.0","matchCriteriaId":"FEAA9896-A42E-437C-BEE8-8DA955E34385"}]}]}],"references":[{"url":"https://github.com/openemr/openemr/commit/c5e1c44774156cd0d04f4e08ed6a81fe76d38e92","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/openemr/openemr/security/advisories/GHSA-f64c-h2gh-g3f9","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/openemr/openemr/security/advisories/GHSA-f64c-h2gh-g3f9","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}}]}