Description
Iris is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 contain a weakness where an attacker can misuse it to redirect the user to a malicious website controlled by an attacker. Version 2.4.28 fixes the issue.
Published: 2026-06-04
Score: 4.7 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is an open redirect flaw in Iris Web that allows an attacker to craft URLs directing users to malicious sites. An attacker can trigger the redirect without user authentication by sending a specially crafted link, potentially facilitating phishing or drive‑by download attacks. The weakness is a low‑to‑moderate impact, but it can be used to degrade user trust and enable further exploits once a user follows the redirect.

Affected Systems

This issue affects Iris Web by dfir-iris on all versions earlier than 2.4.28. Versions 2.4.28 and later contain a fix that removes the vulnerable redirect mechanism, so those releases are not affected.

Risk and Exploitability

The CVSS score of 4.7 indicates a moderate severity, and the EPSS score is not available, which means we lack data on current exploitation probability. The vulnerability is not listed in CISA KEV, suggesting no widespread, active exploitation has been reported yet. The likely attack vector is remote, relying on a victim clicking a crafted URL, and no privileged access or system compromise is required to exploit the flaw.

Generated by OpenCVE AI on June 4, 2026 at 22:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Iris Web to version 2.4.28 or later to eliminate the redirect flaw.
  • If an upgrade cannot be performed immediately, disable or restrict the redirect endpoint and validate redirect URLs against a whitelist to block malicious redirects.
  • Monitor user traffic for anomalous redirect behavior and configure alerts for suspicious redirect attempts to detect potential exploitation attempts.

Generated by OpenCVE AI on June 4, 2026 at 22:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 05 Jun 2026 07:45:00 +0000

Type Values Removed Values Added
First Time appeared Dfir-iris
Dfir-iris iris
Vendors & Products Dfir-iris
Dfir-iris iris

Thu, 04 Jun 2026 22:30:00 +0000

Type Values Removed Values Added
References

Thu, 04 Jun 2026 21:00:00 +0000

Type Values Removed Values Added
Description Iris is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 contain a weakness where an attacker can misuse it to redirect the user to a malicious website controlled by an attacker. Version 2.4.28 fixes the issue.
Title Iris has an Open Redirect issue
Weaknesses CWE-602
References
Metrics cvssV3_1

{'score': 4.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N'}

Subscriptions

Dfir-iris Iris
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-04T21:36:11.679Z

Reserved: 2026-04-26T12:37:18.171Z

Link: CVE-2026-42329

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-06-04T21:16:30.563

Modified: 2026-06-04T22:16:53.090

Link: CVE-2026-42329

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-05T07:30:30Z

Weaknesses