Opensift
CVE-2026-28677
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
Lifecycle Timeline
2DescriptionGitHub Advisory
OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, the URL ingest pipeline accepted user-controlled remote URLs with incomplete destination restrictions. Although private/local host checks existed, missing restrictions for credentialed URLs, non-standard ports, and cross-host redirects left SSRF-class abuse paths in non-localhost deployments. This issue has been patched in version 1.6.3-alpha.
AnalysisAI
OpenSift versions prior to 1.6.3-alpha are vulnerable to server-side request forgery (SSRF) attacks through the URL ingest pipeline, which fails to properly validate credentialed URLs, non-standard ports, and cross-host redirects in non-localhost deployments. An unauthenticated remote attacker can exploit this to access internal resources and potentially exfiltrate sensitive data from the affected system. No patch is currently available for this vulnerability.
Technical ContextAI
This vulnerability (CWE-918: Server-Side Request Forgery (SSRF)) affects OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI.. OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, the URL ingest pipeline accepted user-controlled remote URLs with incomplete destination restrictions. Although private/local host checks existed, missing restrictions for credentialed URLs, non-standard ports, and cross-host redirects left SSRF-class abuse paths in non-localhost deployments. This issue has been patched in version 1.6.3-alpha.
RemediationAI
Fixed in version 1.6.3. Restrict network access to the affected service where possible.
Stored cross-site scripting in OpenSift versions 1.1.2-alpha and below allows authenticated attackers to execute arbitra
OpenShift versions prior to 1.6.3-alpha contain a path traversal vulnerability in multiple storage helpers that fail to
OpenSift versions 1.1.2-alpha and below allow authenticated attackers to abuse the URL ingest feature's overly permissiv
OpenShift versions 1.1.2-alpha and below suffer from a race condition in local JSON persistence that allows authenticate
OpenShift versions prior to 1.6.3-alpha leak sensitive information through multiple vectors, including raw exception str
Same weakness CWE-918 – Server-Side Request Forgery (SSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today