CVE-2026-27170
HIGHCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Lifecycle Timeline
2Description
OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. In versions 1.1.2-alpha and below, URL ingest allows overly permissive server-side fetch behavior and can be coerced into requesting unsafe targets. Potential access/probing of private/local network resources from the OpenSift host process when ingesting attacker-controlled URLs. This issue has been fixed in version 1.1.3-alpha. To workaround when using trusted local-only exceptions, use OPENSIFT_ALLOW_PRIVATE_URLS=true with caution.
Analysis
OpenSift versions 1.1.2-alpha and below allow authenticated attackers to abuse the URL ingest feature's overly permissive server-side request functionality to probe or access private and local network resources from the OpenSift host. The vulnerability requires valid credentials but no user interaction, enabling attackers to enumerate or interact with internal infrastructure not otherwise accessible. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Audit all OpenShift deployments to identify instances running v1.1.2-alpha or below and document their data classification and network connectivity. Within 7 days: Implement network segmentation to restrict outbound connections from affected systems and disable URL ingest functionality if operationally feasible. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today