KiviCare – Clinic & Patient Management System (EHR), CVE-2026-25022

CVE, Research URL: CVE-2026-25022
Home page URL: Security reports for KiviCare – Clinic & Patient Management System (EHR)
Application: KiviCare – Clinic & Patient Management System (EHR)
Published on: Feb 03, 2026
Research Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Blind SQL Injection.This issue affects KiviCare: from n/a through <= 3.6.16.
Affected versions: max 3.6.16.
Status: vulnerable

KiviCare &#8211; Clinic &amp; Patient Management System (EHR), CVE-2026-25022