If you discover a security vulnerability in OpenEMR, there are 2 options for reporting the vulnerability to the OpenEMR security group.

• Report via our huntr page. Bounty eligibility, CVE assignment, response times and past reports are all there.

• Send an email to [email protected] . If possible, please encrypt your email via PGP with this public key.