AISLE AI Discovers 38 Critical Vulnerabilities in OpenEMR, Most-Widely Used Open-Source EHR Platform
Key Takeaways
- AISLE's autonomous AI analyzer discovered 38 CVEs in OpenEMR, including multiple critical SQL injection flaws that could enable database compromise, PHI exfiltration, and remote code execution
- The discovery significantly exceeds previous audit efforts: 38 vulnerabilities in one quarter compared to 23 found during the 2018 Project Insecurity manual audit
- OpenEMR is ONC-certified and used by 100,000+ medical providers serving 200+ million patients, making these security improvements critical to protecting patient data at scale
Summary
AISLE, an AI-driven security research organization, discovered 38 CVEs in OpenEMR, one of the world's most widely adopted open-source electronic health record (EHR) platforms, during Q1 2026. The vulnerabilities were identified using AISLE's autonomous AI analyzer—the same technology that previously uncovered twelve zero-days in OpenSSL. OpenEMR is used by over 100,000 medical providers serving more than 200 million patients across 34 languages, making the discovery a critical security finding for the healthcare industry.
The research team, composed of Stanislav Fort, Petr Simecek, and Pavel Kohout, identified vulnerabilities that could enable SQL injection attacks, protected health information (PHI) exfiltration, and remote code execution. Notable findings include CVE-2026-24908 (CVSS 10.0), a SQL injection flaw in OpenEMR's Patient REST API sort parameter that could allow authenticated attackers to extract credential hashes or escalate to arbitrary file read/write, and CVE-2026-23627, affecting the Immunization module's search functionality. The discovery is historically significant: AISLE's AI analyzer identified 38 vulnerabilities in a single quarter, surpassing the 23 vulnerabilities found during the extensive 2018 Project Insecurity audit conducted by human researchers.
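The sort-parameter flaw class mentioned above, shown as an added illustration that is not OpenEMR's code: an ORDER BY clause cannot take a bound parameter, so the usual mitigation is an allow-list that maps client-supplied sort keys to fixed column names. The table, rows, and function names are constructed for this example.

```python
import sqlite3

# Constructed in-memory stand-in for a patient list (not OpenEMR's schema).
SAMPLE_ROWS = [("1", "Doe", "1980-01-01"),
               ("2", "Adams", "1975-05-05"),
               ("3", "Lee", "1990-09-09")]

# Allow-list: the only fields and directions a client may request.
SORTABLE = {"pid": "pid", "lname": "lname", "dob": "DOB"}
DIRECTIONS = {"asc": "ASC", "desc": "DESC"}


def open_sample_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE patient_data (pid TEXT, lname TEXT, DOB TEXT)")
    conn.executemany("INSERT INTO patient_data VALUES (?, ?, ?)", SAMPLE_ROWS)
    return conn


def list_patients_unsafe(conn, sort):
    # Vulnerable pattern: the client string is spliced straight into the SQL,
    # so any SQL expression the client sends reaches the database engine.
    rows = conn.execute("SELECT pid FROM patient_data ORDER BY " + sort)
    return [r[0] for r in rows]


def sort_is_allowed(sort):
    # Accept only "<field>" or "<field>:<dir>" with both parts on the allow-list.
    field, _, direction = sort.partition(":")
    return field in SORTABLE and (direction == "" or direction in DIRECTIONS)


def list_patients_safe(conn, sort):
    # Hardened: reject anything outside the allow-list, then build ORDER BY
    # only from server-controlled column names and keywords.
    if not sort_is_allowed(sort):
        raise ValueError(f"unsupported sort parameter: {sort!r}")
    field, _, direction = sort.partition(":")
    order = f"{SORTABLE[field]} {DIRECTIONS.get(direction, 'ASC')}"
    rows = conn.execute(f"SELECT pid FROM patient_data ORDER BY {order}")
    return [r[0] for r in rows]
```

The unsafe variant happily evaluates a sort string such as `length(lname)`, which is not a column at all; the hardened variant refuses it before any SQL is built.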
The OpenEMR maintainers collaborated closely with AISLE throughout the research and addressed the findings with demonstrated speed and professionalism. The research underscores a critical gap in healthcare security: while medical technology is digitizing rapidly, security practices have not kept pace. The findings reveal how AI-assisted vulnerability discovery can identify threats at scale and speed that traditional human auditing cannot match, while also highlighting the urgent need to secure critical healthcare infrastructure serving hundreds of millions of patients worldwide.
The vulnerabilities demonstrate both the power of AI-assisted security research and the urgent need for healthcare systems to accelerate their security practices to match digital transformation speeds.
Editorial Opinion
AISLE's discovery of 38 vulnerabilities in OpenEMR is a watershed moment for healthcare cybersecurity—it demonstrates that AI-assisted vulnerability research can identify critical threats at a pace and scale that human auditors cannot match. However, the sheer volume of findings should serve as a wake-up call: if a single quarter of AI analysis uncovers this many flaws in the world's most widely used open-source EHR platform, how many similar vulnerabilities remain hidden in other critical healthcare systems? The healthcare industry must fundamentally accelerate its approach to security engineering and adopt AI-assisted analysis not as an emergency response tool, but as a standard practice. The collaborative model AISLE and OpenEMR demonstrated—rapid disclosure, transparent remediation, and coordinated vulnerability management—should become the industry standard.