CVE-2026-6060

MEDIUM · CVSS 3.1: 4.5 · EPSS 8.9%
Published Apr 20, 2026 (2mo ago) · Modified Jun 17, 2026 (1w ago)

Description

A vulnerability in the SQL Box in the admin interface of OTRS leads to uncontrolled resource consumption, resulting in a DoS against the webserver. will be killed by the system

This issue affects OTRS:

  • 7.0.X
  • 8.0.X
  • 2023.X
  • 2024.X
  • 2025.X
  • 2026.X before 2026.3.X

CVSS Details

Base Score 4.5
Exploitability 0.9
Impact 3.6
Vector string CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required High
User Interaction Required
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
8.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 2

CWE-400 Uncontrolled Resource Consumption Resource Mgmt
CWE-770

References 1

  • otrs.com https://otrs.com/release-notes/otrs-security-advisory-2026-01/

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.