CVE-2026-48189 in Community Editioninfo

Zusammenfassung

von MITRE • 01.06.2026

An improper Input Validation vulnerability in OTRS Customer Backend module allows to access customer information which are restricted to other groups. Please note that the feature has to be anabled and CustomerGroupSupport has to be used to be affected.

This issue affects OTRS:

* 7.0.X * 8.0.X * 2023.X * 2024.X * 2025.X * 2026.X before 2026.4.X

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

OTRS

Reservieren

21.05.2026

Veröffentlichung

01.06.2026

Moderieren

akzeptiert

Eintrag

VDB-367603

CPE

bereit

CWE

CWE-200 (bestätigt)

CVSS

5.7 (CNA)

EPSS

0.00031

KEV

nein

Aktivitäten

very low

Sektor

Energy, Finance, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-48189
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-48189
CVE Details	https://www.cvedetails.com/cve/CVE-2026-48189/

◂ Zurück Übersicht Weiter ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!