CVE-2026-48191 | OTRS Community Edition up to 2026.3.x STORM default permission

A vulnerability was found in OTRS Community Edition up to 2026.3.x. It has been declared as critical. The affected element is an unknown function of the component STORM. Such manipulation leads to incorrect default permissions.

This vulnerability is traded as CVE-2026-48191. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More