Openemr - Openemr - HIGH - CVE-2025-67645. OpenEMR, a widely used electronic health record and medical practice management application, is susceptible to a broken access control vulnerability in the Profile Edit endpoint. This issue affects versions prior to 7.0.4 and allows authenticated users to manipulate request parameters, leading to unauthorized modifications of other users' profile data, such as personal details and contact information. If exploited, this vulnerability can facilitate account takeovers, putting sensitive health information at risk. Users are urged to upgrade to version 7.0.4 or later to safeguard against this exploitation.