CVE-2026-42539
6.5 MEDIUMIRIS is a web collaborative platform that helps incident responders share technical details during investigations
Published: 2026-06-04 · Last updated: 2026-06-08
Severity and scoring
- CVSS
- 6.5 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- CWE
- CWE-201
Description
IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 return sensitive data to the user which are not required for the client’s operation. Version 2.4.28 contains a patch.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-46481 — OpenMetadata is a unified metadata platform (8.3 HIGH)
- CVE-2026-45739 — Strawberry GraphQL is a library for creating GraphQL APIs (3.1 LOW)
- CVE-2026-4035 — A vulnerability in mlflow/mlflow versions prior to 3.11.0 allows for the resolution of environment variables in AI Gateway secrets, which... (7.7 HIGH)
- CVE-2026-44653 — LibreChat is an enhanced ChatGPT clone that supports multiple AI providers (6.5 MEDIUM)
- CVE-2026-35447 — NamelessMC is website software for Minecraft servers