OpenEMR CVE-2026-34056

HIGH
Improper Authorization (CWE-285)
2026-03-25 GitHub_M
7.7
CVSS 3.1 · GitHub Advisory

Severity by source

GitHub Advisory PRIMARY
7.7 HIGH
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Primary rating from GitHub Advisory · only source for this CVE.

CVSS Vector (GitHub Advisory)

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: None
Availability: None

Lifecycle Timeline

Analysis Generated: Mar 26, 2026 - 00:12 (vuln.today)
CVE Published: Mar 25, 2026 - 23:53 (nvd)

Description (GitHub Advisory)

OpenEMR is a free and open source electronic health records and medical practice management application. A Broken Access Control vulnerability in OpenEMR up to and including version 8.0.0.3 allows low-privilege users to view and download Ensora eRx error logs without proper authorization checks. This flaw compromises system confidentiality by exposing sensitive information, potentially leading to unauthorized data disclosure and misuse. As of the time of publication, no known patched versions are available.

Analysis (AI)

Low-privilege authenticated users in OpenEMR versions up to and including 8.0.0.3 can view and download Ensora eRx error logs due to missing authorization checks, exposing sensitive healthcare system information. This broken access control vulnerability (CVSS 7.7) affects network-accessible installations and has a 3% EPSS exploitation probability (8th percentile), with no public exploit identified at time of analysis. …


Attack Chain (AI Derived)

Hypothetical attack flow derived from CVE metadata

Access: Authenticate as low-privilege user
Delivery: Access Ensora eRx error logs endpoint
Exploit: Bypass authorization checks
Execution: Download sensitive error logs
Impact: Expose confidential health data

Vulnerability Assessment (AI)

Exploitation: Requires a low-privilege authenticated user account in OpenEMR versions up to 8.0.0.3. … Additional conditions and limiting factors are described in the full assessment.

Risk Assessment: The CVSS 7.7 score reflects a high confidentiality impact with changed scope (S:C), indicating the vulnerability can affect resources beyond the vulnerable component. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.

Exploit Scenario: An authenticated attacker with low-privilege credentials (such as a front-desk staff account or a compromised limited-access user) connects to the OpenEMR web interface over the network and directly navigates to the Ensora eRx error log endpoints. Because the application fails to verify whether the user has authorization to view these logs, the attacker successfully downloads error files containing prescription transaction failures, patient identifiers, pharmacy information, and internal system details. …

Remediation: No vendor-released patch identified at time of analysis according to the CVE disclosure statement. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended Action (AI)

Within 24 hours: Inventory all OpenEMR 8.0.0.3 and earlier installations and verify network accessibility; document current user roles and access levels. …


CVE-2026-34056 vulnerability details – vuln.today
