CVE-2026-29187 | OpenEMR up to 8.0.0.2 Patient Search new_search_popup.php sql injection (GHSA-2r7h-xm8v-m872)

A vulnerability, which was classified as critical, was found in OpenEMR. This impacts an unknown function of the file /interface/new/new_search_popup.php of the component Patient Search. Such manipulation leads to sql injection.

This vulnerability is documented as CVE-2026-29187. The attack can be executed remotely. There is not any exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More