AISLE Discovers 38 CVEs in Healthcare Software Used by 100,000 Medical Providers
Pangram verdict · v3.3
We believe that this document is primarily human-written, with some AI-generated content detected
AI likelihood · overall
MixedArticle text · 1,362 words · 5 segments analyzed
Healthcare is digitizing faster than it is being secured. AI-assisted diagnostics, telemedicine, and automated billing are expanding access to care at unprecedented speed, but the security practices protecting these systems have not kept up. At the same time, attackers are increasingly using AI to find vulnerabilities faster than ever. The result is a widening gap between what healthcare software can do and how well it is defended.OpenEMR sits squarely in that gap. It is one of the most widely adopted open-source electronic health record platforms in the world, used by over 100,000 medical providers serving more than 200 million patients across 34 languages. OpenEMR 8.0, released in February 2026, is ONC-certified under the U.S. federal Health IT certification program, including the full set of Privacy and Security criteria (§ 170.315(d)(1) through (d)(13)). Such reach makes protecting it essential.That is why we chose OpenEMR as a focus of our open-source partnership security work. Our goal is to strengthen critical infrastructure by applying the same autonomous analysis engine that uncovered twelve zero-days in OpenSSL to a codebase that millions of patients depend on daily. The OpenEMR maintainers collaborated closely with us and responded to findings with speed and professionalism. What follows is a summary of what we found, how the issues were fixed, and what this experience reveals about the state of healthcare application security.The Findings at a GlanceDuring Q1 2026, AISLE researchers Stanislav Fort, Petr Simecek, and Pavel Kohout applied the AISLE AI analyzer to the OpenEMR codebase and discovered 38 CVEs, accounting for more than half of all OpenEMR security advisories published on GitHub during this period.For comparison, the most prominent prior independent security audit of OpenEMR was the 2018 Project Insecurity report, which generated international press coverage and disclosed 23 vulnerabilities after an extended research effort by a dedicated human team. AISLE's analyzer found 38 in just one quarter. These vulnerabilities could have enabled a broad range of attacks against OpenEMR deployments. In the most severe cases, SQL injection vulnerabilities combined with modest database privileges could have led to full database compromise, PHI exfiltration at scale, and remote code execution on the server.
Notable FindingsEach of these vulnerabilities could be exploited to access or rewrite sensitive patient data:CVE-2026-24908: SQL Injection in Patient REST API Sort ParameterThe second CVSS 10.0 finding lived in OpenEMR's Patient REST API, where the _sort query parameter lets clients choose the ordering for returned results, a common REST pattern. The values passed to _sort were concatenated directly into SQL ORDER BY clauses with no validation, no whitelisting of allowed sort fields, and no identifier escaping. A single missed call meant any authenticated client with an OAuth2 bearer token could exploit the flaw three ways: UNION SELECT payloads to extract credential hashes or arbitrary table contents; time-based blind injection via SLEEP() to confirm exploitability; and if the database user held FILE privileges, escalation to arbitrary file read/write and remote code execution.CVE-2026-23627: SQL Injection in Immunization Search/ReportThe Immunization module's search and report endpoints had a similar flaw, but in the web UI rather than the REST API. The patient_id form parameter was split on commas and each piece was stitched directly into SQL WHERE clauses without parameterization or escaping. Because the injection point was in a WHERE clause rather than an ORDER BY, exploitation was more straightforward. A UNION SELECT could extract data from any table in a single request, and time-based blind injection worked with a simple SLEEP() call. If the database user held FILE privileges, the attacker could also read server files or write a web shell, escalating to remote code execution.CVE-2026-24487: FHIR Patient Compartment Bypass in CareTeamThe FHIR CareTeam endpoint returned care team data for every patient in the system, even when the request carried a patient-scoped OAuth2 token that should have restricted results to a single patient. The root cause was architectural: OpenEMR's FHIR layer uses a PHP interface (IPatientCompartmentResourceService) as a marker to decide which services receive patient-scoping filters. The FhirCareTeamService class never declared that interface, so the framework's instanceof check failed silently and no patient filter was injected. The underlying service already supported filtering by patient UUID; the code was simply never invoked.
Autonomous Issue FixesFor each of the 38 CVEs, AISLE generated a repository-native fix proposal that reused OpenEMR's own abstractions, authorization patterns, and sanitization helpers. For the critical-severity CVE-2026-23627, AISLE independently produced the patch. In other cases, OpenEMR maintainers adapted AISLE's proposed remediation into the final fix.This significantly reduced the time to remediation and made it easier for OpenEMR's dedicated maintainers to secure the codebase.A Partnership for Patient SafetyOur engagement with OpenEMR began in mid-December 2025, when the AISLE analyzer first started inspecting the codebase. We reported the initial batch of findings in mid-January 2026, and from the very first disclosures, the OpenEMR Foundation worked alongside us on remediation, reviewing findings quickly, iterating on fixes, and engaging with the technical detail of every issue. The bulk of the AISLE-reported fixes shipped in OpenEMR 8.0.0 on February 11, 2026, roughly four weeks after the first disclosures, with the remainder landing across three subsequent patch releases throughout March. In early April 2026, we formalized the partnership by integrating AISLE PRO, our AI-powered commit analyzer, into OpenEMR's code review workflow. Together, we can now detect many vulnerabilities at the code review stage, before they enter production, securing new code even as the team works through the existing backlog."For a project like OpenEMR, where the stakes are patient safety and health data privacy, we couldn't be more excited about our partnership with AISLE. Their autonomous analyzer uncovered dozens of vulnerabilities in our codebase. Now, with Aisle's analyzer running at the code review stage, we're catching and fixing vulnerabilities before they ever reach production."— Brady Miller, MD, Executive Director of the OpenEMR FoundationFrom Disclosure to Prevention with AISLEAI-powered attacks increasingly target healthcare institutions to steal personally identifiable information, extort payments, and disrupt the delivery of life-saving care.
Defenders need matching coverage. The OpenEMR engagement is what that looks like in practice: an autonomous analyzer finding real vulnerabilities in critical software, fixes landing in production within weeks, and the same system moving upstream to catch new vulnerabilities at code review, before they ever reach a patient record.If your organization depends on software to deliver care, schedule a demo to see what AISLE can do.Full Advisory ListThe single largest category. Many endpoints accepted user-supplied record identifiers (patient IDs, note IDs, form IDs) and operated on them without verifying that the caller was permitted to access the referenced record. In access-control terminology, this is known as an Insecure Direct Object Reference (IDOR). A related subset involved endpoints that omitted Access Control List (ACL) checks entirely, allowing any authenticated user to reach functionality intended for administrators or specific roles. At one extreme, a single endpoint bypassed authentication entirely.TitleSeverityWeaknessCVEUnauthenticated patient identity disclosureCriticalMissing AuthenticationCVE-2026-24898FHIR Patient Compartment Bypass in CareTeamHighInformation ExposureCVE-2026-24487Inverted ACL in CDR ControllerRouterHighMissing AuthorizationCVE-2026-32126Missing Authorization in Procedure Order Deletion HandlerHighMissing AuthorizationCVE-2026-34053IDOR in Patient Notes Web UIHighAuthorization BypassCVE-2026-34055Document and Insurance REST Endpoints Skip ACLHighMissing AuthorizationCVE-2026-25164Missing Authorization on Claim File DownloadHighMissing AuthorizationCVE-2026-33918Therapy Group Sensitivity ACL Not EnforcedHighIncorrect AuthorizationCVE-2026-32123Portal Payment Endpoint Trusts User-Controlled PIDHighAuthorization BypassCVE-2026-25147Missing Authorization in DICOM Viewer State APIHighAuthorization BypassCVE-2026-25927zhAclCheck Ignores Explicit ACL DeniesHighIncorrect AuthorizationCVE-2026-33302Portal Users Can Forge Provider SignaturesHighImproper AuthorizationCVE-2026-24890Authorization Bypass in Dated Reminders LogMediumAuthorization
BypassCVE-2026-33304Patient Picture IDORMediumAuthorization BypassCVE-2026-25929IDOR in Portal Payment PageMediumAuthorization BypassCVE-2026-33931Message Update Ignores Patient ID (REST API)MediumAuthorization BypassCVE-2026-25745Vitals API Accepts Attacker-Supplied IDMediumAuthorization BypassCVE-2026-25744Messages "Show All" Not Restricted to AdminsMediumAuthorization BypassCVE-2026-25220IDOR in Fee Sheet Product SaveMediumAuthorization BypassCVE-2026-32120Eye Exam View IDORMediumAuthorization BypassCVE-2026-27943Authorization Bypass in FaxSMS AppDispatch ConstructorMediumIncorrect Behavior OrderCVE-2026-33305Missing Authorization on Claim File Tracker AJAX EndpointMediumMissing AuthorizationCVE-2026-32122Portal Patients Can Read Staff SignaturesMediumAuthorization BypassCVE-2026-33934Printable LBF Endpoint Leaks Arbitrary Patient FormsMediumAuthorization BypassCVE-2026-25930Cross-site scriptingUser-controlled data was rendered into HTML or JavaScript without proper encoding, allowing an attacker to inject code that would run in another user's browser session. Several of these crossed the trust boundary between the patient portal and the clinical staff interface, meaning a patient could inject code that would execute in a clinician's or administrator's session.TitleSeverityWeaknessCVEStored DOM XSS via .html() in Portal Signer ModalHighCross-site ScriptingCVE-2026-32121Stored XSS in CCDA Preview via linkHtmlHighCross-site ScriptingCVE-2026-33932Stored XSS in Portal Payment via table_argsHighCross-site ScriptingCVE-2026-33346Stored XSS in Track Anything GraphsMediumCross-site ScriptingCVE-2026-32125Stored XSS in Graphical Pain MapMediumCross-site