CVE-2026-48187
Email with special content can lead to DoS
CVSS Score
5.7
EPSS Score
0.0%
EPSS Percentile
10th
An uncontrolled allocation of resources without limits or throttling in the e-mail handling in OTRS allows excessive allocation which may lead to the abortion of the webserver.This issue affects OTRS: * 8.0.X * 2023.X * 2024.X * 2025.X * 2026.X before 2026.4.X Please note that ((OTRS)) Community Edition 6.x, OTRS 7.x and products based on the ((OTRS)) Community Edition also very likely to be affected
| CWE | CWE-400 CWE-770 |
| Vendor | otrs ag |
| Product | otrs |
| Published | Jun 1, 2026 |
| Last Updated | Jun 1, 2026 |
Stay Ahead of the Next One
Get instant alerts for otrs ag otrs
Be the first to know when new medium vulnerabilities affecting otrs ag otrs are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Affected Versions
OTRS AG / OTRS
8.0.x 2023.x 2024.x 2025.x 2026.x โค 2026.3.x
OTRS AG / ((OTRS)) Community Edition
All versions affected