Skip to content
Explore more InterSystems sites:
Australia New Zealand
Australia & New Zealand
Benelux
Benelux:
Benelux:
Brazil
Brazil
Chile
Chile
China
China
Czech Republic
Czech Republic
Finland
Finland
France
France
Germany
Germany
Hungary
Hungary
indonesian flag
Indonesia
Italy
Italy
Japan
Japan
Middle East Region
Middle East
South Africa
South Africa
Middle East Region
Southeast Asia
Spain
Spain
Sweden
Sweden
United Kingdom Ireland
United Kingdom & Ireland
United States
United States
Explore more InterSystems sites:
Australia New Zealand
Australia & New Zealand
Benelux
Benelux:
Benelux:
Brazil
Brazil
Chile
Chile
China
China
Czech Republic
Czech Republic
Finland
Finland
France
France
Germany
Germany
Hungary
Hungary
indonesian flag
Indonesia
Italy
Italy
Japan
Japan
Middle East Region
Middle East
South Africa
South Africa
Middle East Region
Southeast Asia
Spain
Spain
Sweden
Sweden
United Kingdom Ireland
United Kingdom & Ireland
United States
United States
Search to learn about InterSystems products and solutions, career opportunities, and more.
Home
Product Alerts & Advisories
InterSystems Security Public Notification

InterSystems Security Public Notification

Apr 17, 2025

InterSystems has addressed security vulnerabilities that impact applications using OAuth2 Client configurations on InterSystems IRIS, InterSystems IRIS for Health, HealthShare, HealthShare HealthConnect, TrakCare, Caché, and Ensemble. Remediation steps and additional guidance documentation are available from the InterSystems Worldwide Response Center (WRC).

Please reference “SVR2024B” when discussing this notice.

For assistance with remediation contact your Application Provider or InterSystems Worldwide Response Center. 

Direct customers of InterSystems were initially informed about the vulnerabilities on November 20, 2024.
RELATED TOPICS
InterSystems IRIS InterSystems IRIS for Health HealthShare TrakCare Caché Ensemble

Latest Alerts & Advisories

Feb 11, 2026
Product Alerts & Advisories
Advisory: Custom Agreement Function Causes Error During Linkage Rebuild
This problem affects the following products:
More
Feb 11, 2026
Product Alerts & Advisories
Advisory: Deleted HealthShare Namespaces May Only Be Partially Removed from the Federation
This problem affects the following products:
More
Feb 11, 2026
Product Alerts & Advisories
Advisory: Consent Filtering Does Not Block Demographics from Appearing on a Clinician’s Recently Viewed Patient List
This problem affects the following products:
More
Feb 11, 2026
Product Alerts & Advisories
Advisory: ApplyConsent Setting for IHE Patient Query Processes is Disabled by Default
This problem affects the following products:
More
Feb 11, 2026
Product Alerts & Advisories
Advisory: Purge Task for Expire and Query Edge Gateways Does Not Delete All Expired MRNs
This problem affects the following products:
More
Feb 11, 2026
Product Alerts & Advisories
Advisory: Purge Task for Expire and Query Edge Gateways Fails to Complete Due to Streamlet Matcher Errors
This problem affects the following products:
More
Feb 10, 2026
Product Alerts & Advisories
Advisory: Database Deletion Fail-Safe Option
This problem affects all versions the following products prior to 2025.2:
More
Feb 10, 2026
Product Alerts & Advisories
Advisory: Orphaned Care Plans After Multiple Patient Merges
This problem affects the following products:
More
Feb 10, 2026
Product Alerts & Advisories
Advisory: HealthShare Does Not Support a Single Edge Gateway That Ingests Both CCDA Documents and HL7v2 Messages
This problem affects all versions of Unified Care Record and Information Exchange.
More
Feb 10, 2026
Product Alerts & Advisories
Advisory: Web Gateway Apache Web Server Logs Request PHI and Potentially the JWT Token Credential
This problem affects all versions of the following products:
More
View All Alerts & Advisories