CVE-2026-33304 | OpenEMR up to 8.0.0.2 Reminder Message sentTo[]/sentBy[] authorization (GHSA-66j9-ffq4-h222)

A vulnerability categorized as problematic has been discovered in OpenEMR up to 8.0.0.2. This issue affects some unknown processing of the component Reminder Message Handler. The manipulation of the argument sentTo[]/sentBy[] results in authorization bypass.

This vulnerability was named CVE-2026-33304. The attack may be performed from remote. There is no available exploit.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More