CVE-2026-47672
Deferred Deferred - Pending Action
Arbitrary Document Write in epa4all-client

Publication date: 2026-05-26

Last updated on: 2026-05-26

Assigner: GitHub, Inc.

Description
epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. In 1.2.4 and earlier, any network-reachable caller can write arbitrary documents to any patient's electronic health record accessible by the institution's SMC-B card. In a misconfigured deployment (e.g., following the production Docker example in the README), this is exploitable from the local network without credentials.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-26
Last Modified
2026-05-26
Generated
2026-06-16
AI Q&A
2026-05-27
EPSS Evaluated
2026-06-14
NVD
CVE-2026-47672
EUVD
EUVD-2026-31998
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The vulnerability exists in epa4all-client, the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. In versions 1.2.4 and earlier, any network-reachable caller can write arbitrary documents to any patient's electronic health record that is accessible by the institution's SMC-B card.

This means that if the deployment is misconfigured, such as following the production Docker example in the README, an attacker on the local network can exploit this vulnerability without needing any credentials.

Impact Analysis

This vulnerability allows an attacker to write arbitrary documents into any patient's electronic health record accessible by the institution's SMC-B card.

Such unauthorized modifications can lead to data integrity issues, potentially causing incorrect medical information to be stored, which may affect patient care.

Because the exploit can be performed without credentials from the local network in misconfigured deployments, it increases the risk of unauthorized data manipulation.

Compliance Impact

This vulnerability allows any network-reachable caller to write arbitrary documents to any patient's electronic health record accessible by the institution's SMC-B card, potentially leading to unauthorized modification of sensitive health data.

Such unauthorized data manipulation could violate data integrity and security requirements mandated by regulations like GDPR and HIPAA, which require protection of personal health information against unauthorized access and alteration.

Therefore, the vulnerability could negatively impact compliance with these standards by exposing patient records to unauthorized changes, risking breaches of confidentiality and data integrity.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-47672. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart