MeldSecurity
Press Enter to search
CVE Database & Search β†’
Sign In Get Started

CVE-2026-27169

πŸ”΄ HIGH

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Versions 1.1.2-alpha and below render untrusted user/model content in chat tool UI surfaces usin...

Published
Feb 21, 2026
Last Modified
Feb 21, 2026
Views
8
Bookmarks
0

Description

Request Expert Review

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Versions 1.1.2-alpha and below render untrusted user/model content in chat tool UI surfaces using unsafe HTML interpolation patterns, leading to XSS. Stored content can execute JavaScript when later viewed in authenticated sessions. An attacker who can influence stored study/quiz/flashcard content could trigger script execution in a victim’s browser, potentially performing actions as that user in the local app session. This issue has been fixed in version 1.1.3-alpha.

CVSS Scores

CVSS 3.1 8.9
8.9
HIGH
CVSS 2.0 8.9

References

github.com github.com

Additional Information

Source
security-advisories@github.com
State
Received

Related CVEs

CVE-2026-2860

MEDIUM

A security vulnerability has been detected in feng_ha_ha/megagao ssm-erp and production_ssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. Impacted i...

Score: 6.3

CVE-2026-27197

CRITICAL

Sentry is a developer-first error tracking and performance monitoring tool. Versions 21.12.0 through 26.1.0 have a critical vulnerability in its SAML...

Score: 9.1

CVE-2026-27196

HIGH

Statmatic is a Laravel and Git powered content management system (CMS). Versions 5.73.8 and below in addition to 6.0.0-alpha.1 through 6.3.1 have a St...

Score: 8.1

CVE-2026-27203

HIGH

eBay API MCP Server is an open source local MCP server providing AI assistants with comprehensive access to eBay's Sell APIs. All versions are vulnera...

Score: 8.3

CVE-2026-27189

MEDIUM

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Versions 1.1.2-alpha and below, use non-atomic...

Score: 6.6

CVE-2026-27170

HIGH

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. In versions 1.1.2-alpha and below, URL ingest...

Score: 7.1

Share CVE-2026-27169

Share on Social Media

Copy Link

Embed Code

Request Expert Analysis

Request a professional security analysis for CVE-2026-27169 from our verified experts.

Credits System

Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!

Add 3 credits for accelerated delivery

Base Cost: 8 credits
Priority Upgrade: + credits
SLA Acceleration: +3 credits
Total Cost:
Your Balance:

Insufficient Credits

You need more credits to submit this request.

Buy Credits

Report Analysis