    AI Finds 38 Security Flaws in OpenEMR

    By admin, April 30, 2026

    An AI-powered analysis of the OpenEMR codebase uncovered 38 previously undisclosed vulnerabilities in the open source electronic health record (EHR) platform used by more than 100,000 healthcare providers worldwide.

    The vulnerabilities, all patched now, range in severity from medium to critical and include missing or incorrect authorization checks, cross-site scripting (XSS) flaws, SQL injection, path traversal, and session-related issues.

    More Than Three Dozen Flaws in 3 Months

    The flaws could have enabled a broad range of attacks against OpenEMR deployments, according to researchers at Aisle, which used the company’s AI-powered platform to autonomously scan the OpenEMR codebase. “In the most severe cases, SQL injection vulnerabilities combined with modest database privileges could have led to full database compromise, PHI exfiltration at scale, and remote code execution on the server,” the cybersecurity vendor said in a report this week. 


    Aisle discovered the 38 new CVEs in a span of just three months and reported them to the OpenEMR team, which released an updated version of its software (version 8.0.0) in February, then rolled out more patches to address additional issues in March. 

    The discovery is the latest example of how AI-powered tools have fundamentally transformed vulnerability research, compressing what previously took months of painstaking manual analysis into weeks and even days. As Aisle noted in its report, a comparable independent security audit of OpenEMR conducted in 2018 by a team of security researchers took much longer and yielded a smaller set of 23 vulnerabilities.

    The accelerating flood of newly discovered vulnerabilities has begun posing new challenges for security teams from the perspective of triage, prioritization, and patching, especially because many of the issues that AI tools uncover turn out to be insignificant or not relevant. There is also growing concern over bad actors using the same AI tools to uncover vulnerabilities and exploits before defenders have a chance to address them — a worry that prompted the recent launch of Anthropic’s Project Glasswing.

    Notable Vulnerabilities

    Aisle’s report highlighted three of the newly discovered OpenEMR vulnerabilities: CVE-2026-24908, CVE-2026-23627 and CVE-2026-24487.

    CVE-2026-24908 is a maximum severity flaw (CVSS: 10.0) in OpenEMR’s Patient REST API, the interface that allows external systems to request and retrieve patient records. The SQL injection flaw gives anyone with valid OpenEMR login credentials a way to retrieve password hashes and browse the contents of any database table. Under certain conditions, it enables an attacker to read or write arbitrary files on the server and potentially take full remote control of the underlying system.


    CVE-2026-23627 (CVSS: 8.8) is a similar SQL injection flaw, this one affecting OpenEMR’s immunization tracking module. The flaw allows an authenticated attacker to use specially crafted SQL queries to take over the underlying database, steal patient health information and credentials, and, under some conditions, achieve remote code execution.

    CVE-2026-24487 (CVSS: 6.5) is an authorization bypass flaw in OpenEMR’s FHIR CareTeam endpoint, the interface that allows external healthcare systems to retrieve records of the clinical staff assigned to a patient’s care. The flaw incorrectly returned data for every patient in the system rather than just the relevant patient’s data.
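
    The scoping failure described for the CareTeam endpoint, shown as an added example in Python (not OpenEMR's code, which is PHP, and not from Aisle's report). The article does not say how the endpoint failed; the omitted-parameter mechanism, the table layout, and all function names here are assumptions, and the rows are constructed sample data.

```python
import sqlite3

# Constructed sample data: (care_team_id, patient_id, clinician). Not real records.
ROWS = [(1, "pat-A", "Dr. Adams"), (2, "pat-A", "Nurse Bell"),
        (3, "pat-B", "Dr. Chen"), (4, "pat-C", "Dr. Diaz")]
COLUMNS = "SELECT id, patient_id, clinician FROM care_team"


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE care_team (id INTEGER, patient_id TEXT, clinician TEXT)")
    conn.executemany("INSERT INTO care_team VALUES (?, ?, ?)", ROWS)
    return conn


def search_unscoped(conn, params):
    """Flawed pattern (hypothetical): the filter is built only from the
    client-supplied search params, so a request without `patient` matches all rows."""
    if "patient" in params:
        return conn.execute(COLUMNS + " WHERE patient_id = ? ORDER BY id",
                            (params["patient"],)).fetchall()
    return conn.execute(COLUMNS + " ORDER BY id").fetchall()


def search_scoped(conn, params, bound_patient):
    """Hardened pattern: the patient bound to the caller's session is always
    applied server-side, and a conflicting `patient` param is refused."""
    requested = params.get("patient", bound_patient)
    if requested != bound_patient:
        raise PermissionError("patient parameter outside caller's scope")
    return conn.execute(COLUMNS + " WHERE patient_id = ? ORDER BY id",
                        (bound_patient,)).fetchall()


def leaked_patients(rows, bound_patient):
    """Regression check: patient ids in a response that the caller is not bound to."""
    return sorted({pid for _, pid, _ in rows} - {bound_patient})


if __name__ == "__main__":
    db = make_db()
    print("unscoped leak:", leaked_patients(search_unscoped(db, {}), "pat-A"))
    print("scoped leak:  ", leaked_patients(search_scoped(db, {}, "pat-A"), "pat-A"))
```

    A check like `leaked_patients` fits in an API regression suite: any non-empty result for a patient-bound caller is a failure.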

    For each of the 38 vulnerabilities it discovered, Aisle also proposed fixes that OpenEMR maintainers could review and apply directly to their existing code, minimizing the time and effort needed to address them. OpenEMR has since also integrated Aisle’s AI-powered analyzer into its code review process to automatically scan new code for vulnerabilities and to address them before production.
