CVE-2026-33914 | OpenEMR up to 8.0.0.2 PostCalendar pnVarCleanFromInput dels sql injection (GHSA-rq3v-38×5-3rm5)

A vulnerability, which was classified as critical, has been found in OpenEMR. This vulnerability affects the function pnVarCleanFromInput of the component PostCalendar Module. The manipulation of the argument dels leads to sql injection.

This vulnerability is listed as CVE-2026-33914. The attack may be initiated remotely. There is no available exploit.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More