{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-27170", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-02-18T00:18:53.963Z", "datePublished": "2026-02-20T23:58:22.726Z", "dateUpdated": "2026-02-25T21:26:30.324Z"}, "containers": {"cna": {"title": "OpenSift: SSRF risk in URL ingestion endpoint", "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "lang": "en", "description": "CWE-20: Improper Input Validation", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-918", "lang": "en", "description": "CWE-918: Server-Side Request Forgery (SSRF)", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/OpenSift/OpenSift/security/advisories/GHSA-3w2r-hj5p-h6pp", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/OpenSift/OpenSift/security/advisories/GHSA-3w2r-hj5p-h6pp"}, {"name": "https://github.com/OpenSift/OpenSift/releases/tag/v1.1.3-alpha", "tags": ["x_refsource_MISC"], "url": "https://github.com/OpenSift/OpenSift/releases/tag/v1.1.3-alpha"}], "affected": [{"vendor": "OpenSift", "product": "OpenSift", "versions": [{"version": "< 1.1.3-alpha", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-20T23:58:22.726Z"}, "descriptions": [{"lang": "en", "value": "OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. In versions 1.1.2-alpha and below, URL ingest allows overly permissive server-side fetch behavior and can be coerced into requesting unsafe targets. Potential access/probing of private/local network resources from the OpenSift host process when ingesting attacker-controlled URLs. This issue has been fixed in version 1.1.3-alpha. To workaround when using trusted local-only exceptions, use OPENSIFT_ALLOW_PRIVATE_URLS=true with caution."}], "source": {"advisory": "GHSA-3w2r-hj5p-h6pp", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-25T21:26:21.737497Z", "id": "CVE-2026-27170", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-25T21:26:30.324Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-27170", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-25T21:26:21.737497Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-25T21:26:26.188Z"}}], "cna": {"title": "OpenSift: SSRF risk in URL ingestion endpoint", "source": {"advisory": "GHSA-3w2r-hj5p-h6pp", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "OpenSift", "product": "OpenSift", "versions": [{"status": "affected", "version": "< 1.1.3-alpha"}]}], "references": [{"url": "https://github.com/OpenSift/OpenSift/security/advisories/GHSA-3w2r-hj5p-h6pp", "name": "https://github.com/OpenSift/OpenSift/security/advisories/GHSA-3w2r-hj5p-h6pp", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/OpenSift/OpenSift/releases/tag/v1.1.3-alpha", "name": "https://github.com/OpenSift/OpenSift/releases/tag/v1.1.3-alpha", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. In versions 1.1.2-alpha and below, URL ingest allows overly permissive server-side fetch behavior and can be coerced into requesting unsafe targets. Potential access/probing of private/local network resources from the OpenSift host process when ingesting attacker-controlled URLs. This issue has been fixed in version 1.1.3-alpha. To workaround when using trusted local-only exceptions, use OPENSIFT_ALLOW_PRIVATE_URLS=true with caution."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918: Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-20T23:58:22.726Z"}}}, "cveMetadata": {"cveId": "CVE-2026-27170", "state": "PUBLISHED", "dateUpdated": "2026-02-25T21:26:30.324Z", "dateReserved": "2026-02-18T00:18:53.963Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-02-20T23:58:22.726Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opensift:opensift:*:*:*:*:*:python:*:*", "matchCriteriaId": "319EE5EC-3784-4572-A7A3-DFE3BC789A64", "versionEndExcluding": "1.1.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. In versions 1.1.2-alpha and below, URL ingest allows overly permissive server-side fetch behavior and can be coerced into requesting unsafe targets. Potential access/probing of private/local network resources from the OpenSift host process when ingesting attacker-controlled URLs. This issue has been fixed in version 1.1.3-alpha. To workaround when using trusted local-only exceptions, use OPENSIFT_ALLOW_PRIVATE_URLS=true with caution."}], "id": "CVE-2026-27170", "lastModified": "2026-02-23T20:50:25.223", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.2, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-02-21T00:16:16.980", "references": [{"source": "security-advisories@github.com", "tags": ["Product", "Release Notes"], "url": "https://github.com/OpenSift/OpenSift/releases/tag/v1.1.3-alpha"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/OpenSift/OpenSift/security/advisories/GHSA-3w2r-hj5p-h6pp"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-918"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.1.3-alpha)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "product": "opensift", "vendor": "opensift"}], "analysis": {"en": {"generated_at": "2026-04-18T11:21:49.110647+00:00", "value": {"mitigation_remediation": ["Upgrade OpenSift to version\u00a01.1.3\u2011alpha or newer to eliminate the SSRF flaw", "If using trusted private URLs, set OPENSIFT_ALLOW_PRIVATE_URLS=true but enable only after verifying the URLs are safe and monitor for malicious usage", "Restrict access to the URL ingestion endpoint by applying network segmentation, firewall rules, or authentication to limit exposure to untrusted actors"], "summary": {"action": "Apply patch", "impact": "Server\u2011side request forgery that can expose private network resources"}, "threat_synthesis": {"affected_systems": "The issue affects OpenSift, a semantic\u2011search and generative\u2011AI study tool. Versions 1.1.2\u2011alpha and earlier are vulnerable. The problem was corrected in 1.1.3\u2011alpha. No other versions are reported as affected.", "description_and_impact": "OpenSift\u2019s URL ingestion endpoint accepts user\u2011supplied URLs and fetches them unfiltered, enabling a server\u2011side request forgery vulnerability. An attacker that can supply a crafted URL can cause the OpenSift host process to contact internal or private network addresses, potentially exposing confidential data or services. The flaw is rooted in improper input validation (CWE\u201120) and classic SSRF behavior (CWE\u2011918).", "risk_and_exploitability": "The CVSS score of 7.1 indicates moderate\u2011to\u2011high severity, while the EPSS of less than 1\u202f% suggests a low current exploitation likelihood. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires the attacker to reach the OpenSift ingestion endpoint with a malicious URL; the request is then performed by the host without authentication checks. If the endpoint is publicly reachable or accessible from untrusted networks, the path to internal resources is straightforward and does not require privileged credentials on the host. Official remediation is to upgrade to 1.1.3\u2011alpha or later. As an insecure workaround, the environment variable OPENSIFT_ALLOW_PRIVATE_URLS=true can be enabled to allow trusted private URLs, but this must be used with caution because it re\u2011introduces the SSRF risk for any incoming URLs."}}}}, "created": "2026-02-23T14:32:57.711104+00:00", "updated": "2026-04-18T11:30:44.313767+00:00", "vendors": ["opensift", "opensift$PRODUCT$opensift"], "weaknesses": ["CWE-20", "CWE-918"]}