CVE-2026-33934 | OpenEMR up to 8.0.0.3 Companion Write Endpoint show-signature.php User authorization (GHSA-w9w5-7x6h-657q)

A vulnerability was found in OpenEMR up to 8.0.0.3. It has been classified as problematic. Affected by this issue is some unknown functionality in the library portal/sign/lib/show-signature.php of the component Companion Write Endpoint. The manipulation of the argument User leads to authorization bypass.

This vulnerability is traded as CVE-2026-33934. It is possible to initiate the attack remotely. There is no exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More