CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ⬡ Vulnerabilities & CVEs Jun 14, 2026

CVE-2026-12207 | medkey-org medkey up to fc09b7ba9441ff590b72d428d5380834216b09ed HTTP REST API PatientController.php actionGetPatientById ID resource injection

VulDB Archived Jun 14, 2026 ! Full text unavailable

A vulnerability, which was classified as critical , was found in medkey-org medkey up to fc09b7ba9441ff590b72d428d5380834216b09ed . Impacted is the function actionGetPatientById of the file app\modules\medical\port\rest\controllers\PatientController.php of the component HTTP REST API . The manipulation of the argument ID results in improper control of resource identifiers. This vulnerability was named CVE-2026-12207 . The attack may be performed from remote. In addition, an exploit is available.

Full text unavailable — view original
✦ AI Summary · Claude Sonnet


    Full text unavailable.
    Open original ↗
    💬 Team Notes
    Article Info
    Source
    VulDB
    Category
    ⬡ Vulnerabilities & CVEs
    Published
    Jun 14, 2026
    Archived
    Jun 14, 2026
    Full Text
    ✗ Not available
    Open Original ↗