{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T14:08:02.163","vulnerabilities":[{"cve":{"id":"CVE-2026-32238","sourceIdentifier":"security-advisories@github.com","published":"2026-03-19T20:16:14.057","lastModified":"2026-03-20T19:16:15.603","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.2 contain a Command injection vulnerability in the backup functionality that can be exploited by authenticated attackers. The vulnerability exists due to insufficient input validation in the backup functionality. Version 8.0.0.2 fixes the issue."},{"lang":"es","value":"OpenEMR es una aplicación de código abierto y gratuita para la gestión de registros médicos electrónicos y la práctica médica. Las versiones anteriores a la 8.0.0.2 contienen una vulnerabilidad de inyección de comandos en la funcionalidad de copia de seguridad que puede ser explotada por atacantes autenticados. La vulnerabilidad existe debido a una validación de entrada insuficiente en la funcionalidad de copia de seguridad. La versión 8.0.0.2 soluciona el problema."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:open-emr:openemr:*:*:*:*:*:*:*:*","versionEndExcluding":"8.0.0.2","matchCriteriaId":"C78F19AD-BD18-4F61-8B1C-DD099DBC6D34"}]}]}],"references":[{"url":"https://github.com/openemr/openemr/commit/7bc7bd077a624e205daed17658de41af6070ef73","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/openemr/openemr/security/advisories/GHSA-6pmc-3xm7-pm86","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://github.com/openemr/openemr/security/advisories/GHSA-6pmc-3xm7-pm86","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Mitigation","Vendor Advisory"]}]}}]}