Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-d9kj-98d9-53gv
SummaryOpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.3 have an improper access control on the Import/Export functionality, allowing unauthorized users to perform import and export actions through direct request manipulation despite UI restrictions. This can lead to unauthorized data access, bulk data extraction, and manipulation of system data. Version 8.0.0.3 contains a fix.
Aliases
0
alias CVE-2026-34051
Fixed_packages
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34051
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.0742
published_at 2026-06-13T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.07412
published_at 2026-06-14T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.07428
published_at 2026-06-12T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.07389
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34051
1
reference_url https://github.com/openemr/openemr/commit/81c097f7852fc60d45adf6c13baa86cd0a1b400b
reference_id 81c097f7852fc60d45adf6c13baa86cd0a1b400b
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-28T01:50:23Z/
url https://github.com/openemr/openemr/commit/81c097f7852fc60d45adf6c13baa86cd0a1b400b
2
reference_url https://github.com/openemr/openemr/security/advisories/GHSA-54m8-wpg9-9665
reference_id GHSA-54m8-wpg9-9665
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-28T01:50:23Z/
url https://github.com/openemr/openemr/security/advisories/GHSA-54m8-wpg9-9665
3
reference_url https://github.com/openemr/openemr/releases/tag/v8_0_0_3
reference_id v8_0_0_3
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-28T01:50:23Z/
url https://github.com/openemr/openemr/releases/tag/v8_0_0_3
Weaknesses
0
cwe_id 285
name Improper Authorization
description The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
1
cwe_id 425
name Direct Request ('Forced Browsing')
description The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.
Exploits
Severity_range_score5.4 - 5.4
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-d9kj-98d9-53gv