Hacker News
AISLE AI Discovers 38 CVEs in OpenEMR Healthcare Software Used by 100K Providers — 172 Points on HN
AI-native security platform AISLE found 38 CVEs in OpenEMR during Q1 2026, including two critical CVSS 10.0 SQL injection flaws that could enable full database compromise and PHI exfiltration across 200M+ patients. This accounted for more than half of all OpenEMR security advisories in the period. Fixes shipped in OpenEMR 8.0.0 (Feb 11, 2026), and AISLE PRO was integrated into OpenEMR's code review workflow in April. 172 points, 110 comments.
↳ Follow the thread