CVE-2025-32967 – OpenEMR Password Change Event Logging Bypass Vulnerability

May 23, 2025

CVE ID : CVE-2025-32967

Published : May 23, 2025, 4:15 p.m. | 2 hours, 37 minutes ago

Description : OpenEMR is a free and open source electronic health records and medical practice management application. A logging oversight in versions prior to 7.0.3.4 allows password change events to go unrecorded on the client-side log viewer, preventing administrators from auditing critical actions. This weakens traceability and opens the system to undetectable misuse by insiders or attackers. Version 7.0.3.4 contains a patch for the issue.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-43860 – OpenEMR Stored Cross-Site Scripting (XSS) Vulnerability

Next Article CVE-2025-32794 – OpenEMR Cross-Site Scripting (XSS) Vulnerability

8 Key Questions Every CEO Should Ask Before Hiring a Node.js Development Company in 2025

Vibe Loop: AI-native reliability engineering for the real world

Docker Compose gets new features for building and running agents

Why Enterprises Are Choosing AI-Driven React.js Development Companies in 2025

This discounted SSD fixed my gaming handheld’s biggest weakness — Extra storage space for Steam Deck, ASUS ROG Ally, and Lenovo Legion Go

These are the 5 Prime Day deals I’d buy if I weren’t about to have a baby

OpenAI’s $6.5 billion purchase fuels Sam Altman’s quest to build next-gen computers for “transcendentally good” AI — The biggest tech disruption since the iPhone?

Don’t miss out on the best ROG Ally accessory deals going on now — Improve your gaming handheld PC with a microSD card, power bank, dock, and more

Regolith – A JavaScript library immune to ReDoS attacks

Regolith – A JavaScript library immune to ReDoS attacks

Create Your Own Redux: Build a Custom State Management in React

Perficient Nagpur Celebrates Contentstack Implementation Certification Success!

This discounted SSD fixed my gaming handheld’s biggest weakness — Extra storage space for Steam Deck, ASUS ROG Ally, and Lenovo Legion Go

This discounted SSD fixed my gaming handheld’s biggest weakness — Extra storage space for Steam Deck, ASUS ROG Ally, and Lenovo Legion Go

These are the 5 Prime Day deals I’d buy if I weren’t about to have a baby

OpenAI’s $6.5 billion purchase fuels Sam Altman’s quest to build next-gen computers for “transcendentally good” AI — The biggest tech disruption since the iPhone?

CVE-2025-32967 – OpenEMR Password Change Event Logging Bypass Vulnerability

Chrome Zero-Day CVE-2025-6554 Under Active Attack — Google Issues Security Update

Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits

CVE-2025-4024 – iSourcecode Placement Management System SQL Injection Vulnerability

CVE-2025-22854 – PingFederate Google Adapter HTTP Response Handling Buffer Overflow

CVE-2025-0936 – Arista EOS gNMI Remote Credentials Disclosure

Governments are ditching Windows and Microsoft Office — new letter reveals the “real costs of switching to Windows 11”

Windows 10 vs Windows 11 Battery Life: Which OS Uses More Power?

Google flexes AI muscle with Gemini 2.5 Pro updates – who doesn’t love higher prompt limits?

CVE-2025-40667 – TCMAN’s GIM Missing Authorization Vulnerability (Authorization Bypass)

CVE-2025-22854 – PingFederate Google Adapter HTTP Response Handling Buffer Overflow

CVE-2025-32967 – OpenEMR Password Change Event Logging Bypass Vulnerability

Related Posts