{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32238", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-11T14:47:05.684Z", "datePublished": "2026-03-19T19:30:53.616Z", "dateUpdated": "2026-03-20T18:11:09.011Z"}, "containers": {"cna": {"title": "OpenEMR has Remote Code Execution in backup functionality", "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "lang": "en", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/openemr/openemr/security/advisories/GHSA-6pmc-3xm7-pm86", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/openemr/openemr/security/advisories/GHSA-6pmc-3xm7-pm86"}, {"name": "https://github.com/openemr/openemr/commit/7bc7bd077a624e205daed17658de41af6070ef73", "tags": ["x_refsource_MISC"], "url": "https://github.com/openemr/openemr/commit/7bc7bd077a624e205daed17658de41af6070ef73"}], "affected": [{"vendor": "openemr", "product": "openemr", "versions": [{"version": "< 8.0.0.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-19T19:30:53.616Z"}, "descriptions": [{"lang": "en", "value": "OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.2 contain a Command injection vulnerability in the backup functionality that can be exploited by authenticated attackers. The vulnerability exists due to insufficient input validation in the backup functionality. Version 8.0.0.2 fixes the issue."}], "source": {"advisory": "GHSA-6pmc-3xm7-pm86", "discovery": "UNKNOWN"}}, "adp": [{"references": [{"url": "https://github.com/openemr/openemr/security/advisories/GHSA-6pmc-3xm7-pm86", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-20T17:08:51.171713Z", "id": "CVE-2026-32238", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-20T18:11:09.011Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-32238", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-20T17:08:51.171713Z"}}}], "references": [{"url": "https://github.com/openemr/openemr/security/advisories/GHSA-6pmc-3xm7-pm86", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-20T17:09:04.086Z"}}], "cna": {"title": "OpenEMR has Remote Code Execution in backup functionality", "source": {"advisory": "GHSA-6pmc-3xm7-pm86", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "openemr", "product": "openemr", "versions": [{"status": "affected", "version": "< 8.0.0.2"}]}], "references": [{"url": "https://github.com/openemr/openemr/security/advisories/GHSA-6pmc-3xm7-pm86", "name": "https://github.com/openemr/openemr/security/advisories/GHSA-6pmc-3xm7-pm86", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/openemr/openemr/commit/7bc7bd077a624e205daed17658de41af6070ef73", "name": "https://github.com/openemr/openemr/commit/7bc7bd077a624e205daed17658de41af6070ef73", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.2 contain a Command injection vulnerability in the backup functionality that can be exploited by authenticated attackers. The vulnerability exists due to insufficient input validation in the backup functionality. Version 8.0.0.2 fixes the issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-19T19:30:53.616Z"}}}, "cveMetadata": {"cveId": "CVE-2026-32238", "state": "PUBLISHED", "dateUpdated": "2026-03-20T18:11:09.011Z", "dateReserved": "2026-03-11T14:47:05.684Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-19T19:30:53.616Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:open-emr:openemr:*:*:*:*:*:*:*:*", "matchCriteriaId": "C78F19AD-BD18-4F61-8B1C-DD099DBC6D34", "versionEndExcluding": "8.0.0.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.2 contain a Command injection vulnerability in the backup functionality that can be exploited by authenticated attackers. The vulnerability exists due to insufficient input validation in the backup functionality. Version 8.0.0.2 fixes the issue."}], "id": "CVE-2026-32238", "lastModified": "2026-03-20T19:16:15.603", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-19T20:16:14.057", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/openemr/openemr/commit/7bc7bd077a624e205daed17658de41af6070ef73"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "url": "https://github.com/openemr/openemr/security/advisories/GHSA-6pmc-3xm7-pm86"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "url": "https://github.com/openemr/openemr/security/advisories/GHSA-6pmc-3xm7-pm86"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,8.0.0.2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "openemr", "source": "cna", "vendor": "openemr"}, "product": "openemr", "vendor": "openemr"}], "analysis": {"en": {"generated_at": "2026-03-20T17:29:54.301605+00:00", "value": {"mitigation_remediation": ["Upgrade OpenEMR to version 8.0.0.2 or later to apply the fix for the command\u2011injection vulnerability."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "OpenEMR products before version 8.0.0.2 are affected. The vulnerability exists in all releases prior to the referenced fix, and affects installations of the openemr application regardless of deployment size or geography.", "description_and_impact": "The vulnerability is a command injection flaw in the backup feature of OpenEMR. Because inputs are not properly validated, an attacker who can authenticate to the system can supply arbitrary commands that the server will execute. This allows the attacker to take full control of the host, compromising confidentiality, integrity, and availability of the entire electronic health record environment.", "risk_and_exploitability": "The CVSS score is 9.1, indicating high severity and a high likelihood of damaging exploitation. The EPSS score is below 1%, suggesting that active exploitation in the wild is currently low. The vulnerability is not listed in the CISA KEV catalog, but the combination of remote command execution with required authentication means that only users with legitimate access can abuse the flaw. An internal attacker or a compromised legitimate user can trigger the exploit through the backup functionality. The exploit path requires that the user have permission to access the backup interface and that the application is running a vulnerable version before 8.0.0.2."}}}}, "created": "2026-03-20T08:56:28.256800+00:00", "updated": "2026-03-25T11:55:12.799701+00:00", "vendors": ["openemr", "openemr$PRODUCT$openemr"]}