CVE-2026-41522 | dfir-iris iris-web up to 2.4.27 REST API improper authorization (GHSA-3mxh-x92q-9r25)

A vulnerability marked as critical has been reported in dfir-iris iris-web up to 2.4.27. The affected element is an unknown function of the component REST API. This manipulation causes improper authorization.

This vulnerability is tracked as CVE-2026-41522. The attack is possible to be carried out remotely. No exploit exists.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More