Browse all 6 CVE security advisories affecting dfir-iris. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-22783 | Iris Allows Arbitrary File Deletion via Mass Assignment in Datastore File Management — iris-webCWE-434 | 9.6 | Critical | 2026-01-12 |
| CVE-2024-34060 | Arbitrary File Write in IRIS EVTX Pipeline — iris-evtx-moduleCWE-22 | 8.8 | High | 2024-05-23 |
| CVE-2024-25624 | iris-web vulnerable to Server Side Template Injection in reports — iris-webCWE-1336 | 6.8 | Medium | 2024-04-25 |
| CVE-2024-25640 | Improper Neutralization of Alternate XSS Syntax in iris-web — iris-webCWE-87 | 4.6 | Medium | 2024-02-19 |
| CVE-2023-50712 | Improper Neutralization of Alternate XSS Syntax in iris-web — iris-webCWE-87 | 4.6 | Medium | 2023-12-22 |
| CVE-2023-30615 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in iris-web — iris-webCWE-80 | 6.3 | Medium | 2023-05-25 |
This page lists every published CVE security advisory associated with dfir-iris. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.