CVE-2026-28677

Published: Mar 6, 2026Modified: Mar 18, 2026

8.2

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

Exploitability: 3.9 / Impact: 4.2

Source: security-advisories@github.com (Secondary)

Description

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, the URL ingest pipeline accepted user-controlled remote URLs with incomplete destination restrictions. Although private/local host checks existed, missing restrictions for credentialed URLs, non-standard ports, and cross-host redirects left SSRF-class abuse paths in non-localhost deployments. This issue has been patched in version 1.6.3-alpha.

Affected (1)

Products: Opensift: Opensift

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Opensift Opensift	Before 1.6.3

Related CWEs

Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

References (5)

https://github.com/OpenSift/OpenSift/commit/1126e0a503876056a68a434e19f64158a5a4840b

Source: security-advisories@github.com

Patch

https://github.com/OpenSift/OpenSift/commit/de99b9c

Source: security-advisories@github.com

Patch

https://github.com/OpenSift/OpenSift/pull/67

Source: security-advisories@github.com

Issue TrackingPatch

https://github.com/OpenSift/OpenSift/releases/tag/v1.6.3-alpha

Source: security-advisories@github.com

Release Notes

https://github.com/OpenSift/OpenSift/security/advisories/GHSA-5jfc-p787-2mf9

Source: security-advisories@github.com

Vendor AdvisoryPatch

Timeline

No history available yet.