Skip to main content

Iris

6 CVEs product

Monthly

CVE-2026-22783 CRITICAL PATCH Act Now

DFIR-IRIS incident response platform before 2.4.24 allows authenticated users to delete arbitrary filesystem paths through mass assignment of the file_local_name field combined with path trust in the delete operation. Scope change with high integrity/availability impact. Patch available.

Information Disclosure Iris
NVD GitHub
CVSS 3.1
9.6
EPSS
0.1%
CVE-2024-25624 MEDIUM This Month

Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Ssti Iris
NVD GitHub
CVSS 3.1
6.8
EPSS
0.9%
CVE-2024-25640 MEDIUM This Month

Iris is a web collaborative platform that helps incident responders share technical details during investigations. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass XSS Iris
NVD GitHub
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-50712 MEDIUM This Month

Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Authentication Bypass Iris
NVD GitHub
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-30615 MEDIUM This Month

Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Authentication Bypass Iris
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2021-23772 Go HIGH POC PATCH This Week

This affects all versions of package github.com/kataras/iris; all versions of package github.com/kataras/iris/v12. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Iris
NVD GitHub
CVSS 3.1
8.8
EPSS
1.8%
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

DFIR-IRIS incident response platform before 2.4.24 allows authenticated users to delete arbitrary filesystem paths through mass assignment of the file_local_name field combined with path trust in the delete operation. Scope change with high integrity/availability impact. Patch available.

Information Disclosure Iris
NVD GitHub
EPSS 1% CVSS 6.8
MEDIUM This Month

Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Ssti Iris
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM This Month

Iris is a web collaborative platform that helps incident responders share technical details during investigations. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass XSS Iris
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM This Month

Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Authentication Bypass Iris
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM This Month

Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Authentication Bypass Iris
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC PATCH This Week

This affects all versions of package github.com/kataras/iris; all versions of package github.com/kataras/iris/v12. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Iris
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy