What is CVE-2026-48245?

CVE-2026-48245 is a medium-severity vulnerability in Open Ises Tickets, classified under Use of Hard-coded Credentials. CVSS score: 5.3/10. Published 2026-05-21.

How severe is CVE-2026-48245?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Vulnerability in Open Ises Tickets

CVE-2026-48245

Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in tables.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Platform…

EPSS: 0.000 (11.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N.

Affected products

Open Ises Tickets — versions 0

Weakness classification (CWE)

CWE-798 — Use of Hard-coded Credentials

References

disclosure@vulncheck.com (release-notes)
disclosure@vulncheck.com (patch)
disclosure@vulncheck.com (third-party-advisory)

Frequently asked questions

What is CVE-2026-48245?: CVE-2026-48245 is a medium-severity vulnerability in Open Ises Tickets, classified under Use of Hard-coded Credentials. CVSS score: 5.3/10. Published 2026-05-21.
How severe is CVE-2026-48245?: Medium severity. CVSS v3 base score is 5.3 out of 10.