Sensitive Data Exposure in IRIS Web Collaborative Platform
CVE-2026-42539
6.5MEDIUM
What is CVE-2026-42539?
The IRIS web collaborative platform enables incident responders to share critical technical details during investigations. However, in versions prior to 2.4.28, the platform inadvertently exposes sensitive data that is unnecessary for client operations. This vulnerability could lead to unauthorized access to sensitive information, potentially compromising security and privacy. The issue has been addressed in version 2.4.28, which includes a patch to mitigate this risk.
Affected Version(s)
iris-web < 2.4.28
