A webserver shouldn't be calling io_uring internals without doing its own bound checking and http logic, nor should it be calling io_uring with remote-controlled crafted fd's or access pattern that might still have bugs in them.

At the level you'd be exposing io_uring (internals) via external http requests; it's security is perfectly fine.