If you discover a security vulnerability in OpenEMR, there are 2 options for reporting the vulnerability to the OpenEMR security group.
- Report via our huntr page. Bounty eligibility, CVE assignment, response times and past reports are all there.
Option 2. Email [email protected]
- Send an email to [email protected] . If possible, please encrypt your email via PGP with this public key.