CVE-2026-22783 | dfir-iris iris-web up to 2.4.23 file_local_name unrestricted upload (GHSA-qhqj-8qw6-wp8v)

A vulnerability was found in dfir-iris iris-web up to 2.4.23. It has been classified as critical. Impacted is an unknown function. The manipulation of the argument file_local_name leads to unrestricted upload.

This vulnerability is traded as CVE-2026-22783. It is possible to initiate the attack remotely. There is no exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More