PatchSiren

Bahmni CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

LOW Bahmni CVE published 2026-07-12

CVE-2026-15477

CVE-2026-15477 is a SQL injection vulnerability in the Bahmni bahmnicore component. The vulnerability affects versions up to 0.93 and can be exploited remotely. The issue is due to improper handling of user input in the /openmrs/ws/rest/v1/bahmnicore/sql endpoint. Upgrading to version 0.93.1, 1.0.1, 1.1.1, 1.2.1, 1.3.1, or 2.0.1 mitigates this issue. This vulnerability has a CVSS score of 2.1 and is consi [truncated]