CVE-2026-21443 | OpenEMR up to 7.x cross site scripting (GHSA-3f9j-cqjj-7h46)

February 25, 2026 Yanac

A vulnerability described as problematic has been identified in OpenEMR up to 7.x. This impacts an unknown function. The manipulation results in cross site scripting.

This vulnerability is known as CVE-2026-21443. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More

CVE-2026-27609 | parse-community parse-dashboard up to 9.0.0-alpha.7 /apps/ cross-site request forgery (GHSA-3534-xp88-25rc)
CVE-2025-69231 | OpenEMR up to 7.x cross site scripting (GHSA-mf62-q2xc-hxm3)