A vulnerability has been found in dfir-iris iris-web up to 2.4.27 and classified as critical . Affected by this issue is some unknown functionality. This manipulation causes incorrect authorization. This vulnerability appears as CVE-2026-42547 . The attack may be initiated remotely. There is no available exploit. The affected component should be upgraded.