A vulnerability described as critical has been identified in OpenEMR up to 8.0.0.2 . Affected by this issue is some unknown functionality of the component DICOM Export . Executing a manipulation can lead to path traversal. This vulnerability appears as CVE-2026-25928 . The attack may be performed from remote. There is no available exploit. Upgrading the affected component is recommended.