CVE-2026-24890 | OpenEMR up to 7.x Patient Portal Signature Endpoint improper authorization (GHSA-xc8x-mfh8-9xvh)

A vulnerability was found in OpenEMR up to 7.x. It has been classified as critical. Impacted is an unknown function of the component Patient Portal Signature Endpoint. The manipulation leads to improper authorization.

This vulnerability is documented as CVE-2026-24890. The attack can be initiated remotely. There is not any exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More