CVE-2026-42539

MEDIUM(6.5)

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Risk Signal Score21/100 — NIEDRIG

CVSS 6.5 — Mittel

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

6.5

Technische Schwere

Beschreibung

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 return sensitive data to the user which are not required for the client’s operation. Version 2.4.28 contains a patch.

Referenzen

https://github.com/dfir-iris/iris-web/security/advisories/GHSA-g588-5gmf-p5cx
http://www.openwall.com/lists/oss-security/2026/05/19/9
https://github.com/dfir-iris/iris-web/security/advisories/GHSA-g588-5gmf-p5cx