CVE-2026-28676

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, multiple storage helpers used path construction patterns that did not uniformly enforce base-directory containment. This created path-injection risk in file read/write/delete flows if malicious path-like values were introduced. This issue has been patched in version 1.6.3-alpha.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/OpenSift/OpenSift/commit/1126e0a503876056a68a434e19f64158a5a4840b	Patch
https://github.com/OpenSift/OpenSift/commit/de99b9c	Patch
https://github.com/OpenSift/OpenSift/pull/67	Issue Tracking Patch
https://github.com/OpenSift/OpenSift/releases/tag/v1.6.3-alpha	Release Notes
https://github.com/OpenSift/OpenSift/security/advisories/GHSA-ww4m-c7hv-2rqv	Vendor Advisory Patch

Configurations

Configuration 1 (hide)

cpe:2.3:a:opensift:opensift:*:*:*:*:*:python:*:*

History

No history.

Information

Published : 2026-03-06 05:16

Updated : 2026-03-18 13:02

NVD link : CVE-2026-28676

Mitre link : CVE-2026-28676

CVE.ORG link : CVE-2026-28676

JSON object : View

Products Affected

opensift

opensift

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2026-28676", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2026-03-06T05:16:36.270", "references": [{"url": "https://github.com/OpenSift/OpenSift/commit/1126e0a503876056a68a434e19f64158a5a4840b", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/OpenSift/OpenSift/commit/de99b9c", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/OpenSift/OpenSift/pull/67", "tags": ["Issue Tracking", "Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/OpenSift/OpenSift/releases/tag/v1.6.3-alpha", "tags": ["Release Notes"], "source": "security-advisories@github.com"}, {"url": "https://github.com/OpenSift/OpenSift/security/advisories/GHSA-ww4m-c7hv-2rqv", "tags": ["Vendor Advisory", "Patch"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, multiple storage helpers used path construction patterns that did not uniformly enforce base-directory containment. This created path-injection risk in file read/write/delete flows if malicious path-like values were introduced. This issue has been patched in version 1.6.3-alpha."}, {"lang": "es", "value": "OpenSift es una herramienta de estudio de IA que tamiza grandes conjuntos de datos utilizando b\u00fasqueda sem\u00e1ntica e IA generativa. Antes de la versi\u00f3n 1.6.3-alpha, m\u00faltiples asistentes de almacenamiento utilizaban patrones de construcci\u00f3n de rutas que no aplicaban uniformemente la contenci\u00f3n del directorio base. Esto creaba riesgo de inyecci\u00f3n de rutas en los flujos de lectura/escritura/eliminaci\u00f3n de archivos si se introduc\u00edan valores maliciosos similares a rutas. Este problema ha sido parcheado en la versi\u00f3n 1.6.3-alpha."}], "lastModified": "2026-03-18T13:02:04.840", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:opensift:opensift:*:*:*:*:*:python:*:*", "vulnerable": true, "matchCriteriaId": "D1037E2F-1527-4C09-8D8D-78E56E6DDC78", "versionEndExcluding": "1.6.3"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}