CVE-2026-33917 | OpenEMR up to 8.0.0.3 CAMOS Form ajax_save sql injection (GHSA-r6xq-mfwf-wgq8)

March 26, 2026 Yanac

A vulnerability was found in OpenEMR up to 8.0.0.3. It has been declared as critical. Impacted is the function ajax_save of the component CAMOS Form. Such manipulation leads to sql injection.

This vulnerability is traded as CVE-2026-33917. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More