CVE-2026-25220 | OpenEMR up to 7.x Message Center getPnotesByUser authorization (GHSA-phcp-7qjx-83cm)
A vulnerability has been found in OpenEMR up to 7.x and classified as problematic. This affects the function getPnotesByUser of the component Message Center. This manipulation causes authorization bypass.
This vulnerability appears as CVE-2026-25220. The attack may be initiated remotely. There is no available exploit.
The affected component should be upgraded.