Open Medical A.I CyberSecurity Scoring
Open Medical
Company Information
Website:http://www.openmedical.co.uk
Employees number:52
Number of followers:10,873
NAICS:62
Industry Type:Hospitals and Health Care
Homepage:openmedical.co.uk
Open Medical Risk Score (AI oriented)
Between 700 and 749
Open MedicalHospitals and Health Care
Updated:
26/06/2026
26/06/2026
749/1000
Moderate
Ba
Open Medical Global Score (TPRM)
xxxx
Open MedicalHospitals and Health Care
Score locked

Open MedicalModerate
Current Score
749Ba (MODERATE)
01000
1 incidents
-11 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
749
JUNE 2026
749
MAY 2026
760
Vulnerability
18 May 2026 • Open Medical
Open Health Imaging Foundation: High-Severity Vulnerability Identified in OHIF Viewers DICOM
High-Severity SSRF Vulnerability in OHIF Viewers DICOM Exposes Clinician Tokens
749
CRITICAL-11
OPE1782476713
High-Severity SSRF Vulnerability in OHIF Viewers DICOM Exposes Clinician Tokens
A high-severity Server-Side Request Forgery (SSRF) vulnerability (CVE-2026-12473) has been discovered in OHIF (Open Health Imaging Foundation) Viewers DICOM, a widely used medical imaging framework. The flaw, rated 8.2 (CVSS v3.1) and 8.3 (CVSS v4.0), could allow attackers to steal an authenticated clinician’s OIDC Bearer token by tricking them into clicking a malicious link.
The vulnerability stems from two default-configured data sources DICOMWebProxy and DICOMJSON which fetch arbitrary URL parameters without proper validation. When exploited, a global authentication service in OHIF injects the clinician’s token into the request, potentially sending it to an attacker-controlled server. Notably, the flaw does not affect DICOMweb data sources.
The issue impacts OHIF DICOM Web Viewer Framework versions prior to 3.12.0. The maintainers released a patch in version 3.12.2 on May 18, 2026, addressing the flaw via commits OHIF/Viewers#5985 (master) and OHIF/Viewers#5978 (release/3.12). Organizations using OHIF with authentication or relying on dicomwebproxy/dicomjson in authenticated deployments are urged to review additional mitigation steps outlined in the CISA security advisory.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
APRIL 2026
760
MARCH 2026
760
FEBRUARY 2026
760
JANUARY 2026
760
DECEMBER 2025
760
NOVEMBER 2025
760
OCTOBER 2025
760
SEPTEMBER 2025
760
AUGUST 2025
760
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for Open Medical ??
What was Open Medical's A.I Rankiteo Cyber Score in June 2026 ??
What was Open Medical's A.I Rankiteo Cyber Score in May 2026 ??
What was Open Medical's A.I Rankiteo Cyber Score in April 2026 ??
What was Open Medical's A.I Rankiteo Cyber Score in March 2026 ??
What was Open Medical's A.I Rankiteo Cyber Score in February 2026 ??
What was Open Medical's A.I Rankiteo Cyber Score in January 2026 ??
What was Open Medical's A.I Rankiteo Cyber Score in December 2025 ??
What was Open Medical's A.I Rankiteo Cyber Score in November 2025 ??
What was Open Medical's A.I Rankiteo Cyber Score in October 2025 ??
What was Open Medical's A.I Rankiteo Cyber Score in September 2025 ??
What was Open Medical's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on Open Medical's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with Open Medical ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view Open Medical's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?