PatchSiren

medkey-org CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

LOW medkey-org CVE published 2026-06-15

CVE-2026-12207

CVE-2026-12207 is an improper control of resource identifiers vulnerability in Medkey up to fc09b7ba9441ff590b72d428d5380834216b09ed. The vulnerability affects the function actionGetPatientById of the file app/modules/medical/port/rest/controllers/PatientController.php of the component HTTP REST API. The manipulation of the argument ID results in improper control of resource identifiers. The attack may be [truncated]