MeldSecurity
Press Enter to search
CVE Database & Search →
Sign In Get Started

CVE-2026-27170

🔴 HIGH

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. In versions 1.1.2-alpha and below, URL ingest allows overly permissive server-side fetch behavio...

Published
Feb 21, 2026
Last Modified
Feb 21, 2026
Views
7
Bookmarks
0

Description

Request Expert Review

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. In versions 1.1.2-alpha and below, URL ingest allows overly permissive server-side fetch behavior and can be coerced into requesting unsafe targets. Potential access/probing of private/local network resources from the OpenSift host process when ingesting attacker-controlled URLs. This issue has been fixed in version 1.1.3-alpha. To workaround when using trusted local-only exceptions, use OPENSIFT_ALLOW_PRIVATE_URLS=true with caution.

CVSS Scores

CVSS 3.1 7.1
7.1
HIGH
CVSS 2.0 7.1

References

github.com github.com

Additional Information

Source
security-advisories@github.com
State
Received

Related CVEs

CVE-2026-2860

MEDIUM

A security vulnerability has been detected in feng_ha_ha/megagao ssm-erp and production_ssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. Impacted i...

Score: 6.3

CVE-2026-27197

CRITICAL

Sentry is a developer-first error tracking and performance monitoring tool. Versions 21.12.0 through 26.1.0 have a critical vulnerability in its SAML...

Score: 9.1

CVE-2026-27196

HIGH

Statmatic is a Laravel and Git powered content management system (CMS). Versions 5.73.8 and below in addition to 6.0.0-alpha.1 through 6.3.1 have a St...

Score: 8.1

CVE-2026-27203

HIGH

eBay API MCP Server is an open source local MCP server providing AI assistants with comprehensive access to eBay's Sell APIs. All versions are vulnera...

Score: 8.3

CVE-2026-27189

MEDIUM

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Versions 1.1.2-alpha and below, use non-atomic...

Score: 6.6

CVE-2026-27169

HIGH

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Versions 1.1.2-alpha and below render untruste...

Score: 8.9

Share CVE-2026-27170

Share on Social Media

Copy Link

Embed Code

Request Expert Analysis

Request a professional security analysis for CVE-2026-27170 from our verified experts.

Credits System

Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!

Add 3 credits for accelerated delivery

Base Cost: 8 credits
Priority Upgrade: + credits
SLA Acceleration: +3 credits
Total Cost:
Your Balance:

Insufficient Credits

You need more credits to submit this request.

Buy Credits

Report Analysis