cbcvebase.
CVE-2026-6060
published 2026-04-20

CVE-2026-6060: A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be…

PriorityP420medium4.5CVSS 3.1
AVNACLPRHUIRSUCNINAH
EPSS
0.19%
8.9th percentile
A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be killed by the systemThis issue affects OTRS:

* 7.0.X
* 8.0.X
* 2023.X
* 2024.X
* 2025.X
* 2026.X before 2026.3.X

Affected

6 ranges
VendorProductVersion rangeFixed in
otrs_agotrs
otrs_agotrs
otrs_agotrs
otrs_agotrs
otrs_agotrs
otrs_agotrs2026.x – 2026.2.x
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.